| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Hilfe!!! Internet öffnet selbstständig Fenster.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.02.2015, 15:15
| #16 |
 |  Hilfe!!! Internet öffnet selbstständig Fenster.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015
Ran by ola (administrator) on OLA-PC on 24-02-2015 15:11:41
Running from C:\Users\ola\Desktop
Loaded Profiles: ola (Available profiles: ola)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
() C:\Users\ola\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Google Update] => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [GameXN GO] => "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [GoogleChromeAutoLaunch_7AF6FE48D09771C69065DE049B362851] => C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Alamandi tray notifier] => c:\program files (x86)\deutschland spielt\alamandi\TaskBarNotifier.exe
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Amazon Music] => C:\Users\ola\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
URLSearchHook: HKLM-x32 - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
SearchScopes: HKLM -> {892BD02F-3625-446B-A532-15841A4B06CA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {892BD02F-3625-446B-A532-15841A4B06CA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {833BB9C0-5FE7-4DF9-9705-E7160106147D} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&origin=searchplugin
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {892BD02F-3625-446B-A532-15841A4B06CA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: GMX Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: GMX Konfiguration -> {17166733-40EA-4432-A85C-AE672FF0E236} -> C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: GMX Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - No Name - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {9E89BECE-D23F-4782-8397-242E78C042D1}
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2010-02-05] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.0 -> C:\Program Files (x86)\GameTreat Player\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @exent.com/npExentWidget,version=0.9.0.0 -> C:\Program Files (x86)\GameTreat Player\npExentWidget.dll (Exent Technologies Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-107307583-39740663-3650351078-1001: @tools.google.com/Google Update;version=3 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-107307583-39740663-3650351078-1001: @tools.google.com/Google Update;version=9 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-12]
FF HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google Search) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Kaspersky Protection) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-23]
CHR Extension: (No Name) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmcplcebggimminoiheibhndgamccdgl [2011-08-09]
CHR Extension: (Google Wallet) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
StartMenuInternet: Google Chrome - C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-01-24] (Adobe Systems) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-12-08] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [116264 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [159784 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [138792 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [137768 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [153128 2008-05-27] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1071616 2010-02-11] (Vimicro Corporation)
R2 X5XSEx_Pr146; C:\Program Files (x86)\GameTreat Player\X5XSEx.Sys [55328 2010-03-10] (Exent Technologies Ltd.)
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-24 14:25 - 2015-02-24 14:25 - 00064297 _____ () C:\Users\ola\Desktop\FRST_1.txt
2015-02-24 14:24 - 2015-02-24 14:24 - 00001422 _____ () C:\Users\ola\Desktop\AdwCleaner[S0].txt
2015-02-24 14:22 - 2015-02-24 14:22 - 00000623 _____ () C:\Users\ola\Desktop\JRT.txt
2015-02-24 14:14 - 2015-02-24 14:14 - 00001994 _____ () C:\Users\ola\Desktop\anleitung.txt
2015-02-24 14:09 - 2015-02-24 14:14 - 00000000 ____D () C:\AdwCleaner
2015-02-24 14:06 - 2015-02-24 14:06 - 01388274 _____ (Thisisu) C:\Users\ola\Desktop\JRT.exe
2015-02-24 14:05 - 2015-02-24 14:05 - 02126848 _____ () C:\Users\ola\Desktop\AdwCleaner_4.111.exe
2015-02-24 12:45 - 2015-02-24 13:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-24 12:45 - 2015-02-24 13:17 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 12:43 - 2015-02-24 13:17 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-24 12:42 - 2015-02-24 13:41 - 00000000 ____D () C:\Users\ola\Desktop\mbar
2015-02-24 12:42 - 2015-02-24 12:42 - 16502728 _____ (Malwarebytes Corp.) C:\Users\ola\Desktop\mbar-1.09.1.1004.exe
2015-02-24 12:17 - 2015-02-24 15:11 - 00031844 _____ () C:\Users\ola\Desktop\FRST.txt
2015-02-24 12:17 - 2015-02-24 11:55 - 00075549 _____ () C:\Users\ola\Desktop\Addition.txt
2015-02-24 12:17 - 2015-02-24 11:51 - 02087424 _____ (Farbar) C:\Users\ola\Desktop\FRST64.exe
2015-02-24 11:54 - 2015-02-24 11:55 - 00075549 _____ () C:\Users\ola\Downloads\Addition.txt
2015-02-24 11:52 - 2015-02-24 11:52 - 00112554 _____ () C:\Users\ola\Desktop\Hilfe!!! Internet öffnet selbstständig Fenster. - Trojaner-Board.html
2015-02-24 11:52 - 2015-02-24 11:52 - 00000000 ____D () C:\Users\ola\Desktop\Hilfe!!! Internet öffnet selbstständig Fenster. - Trojaner-Board_files
2015-02-24 11:51 - 2015-02-24 15:11 - 00000000 ____D () C:\FRST
2015-02-24 11:51 - 2015-02-24 11:55 - 00063378 _____ () C:\Users\ola\Downloads\FRST.txt
2015-02-24 11:51 - 2015-02-24 11:51 - 02087424 _____ (Farbar) C:\Users\ola\Downloads\FRST64.exe
2015-02-24 11:51 - 2015-02-24 11:51 - 02087424 _____ (Farbar) C:\Users\ola\Downloads\FRST64 (1).exe
2015-02-24 11:50 - 2015-02-24 11:50 - 01127424 _____ (Farbar) C:\Users\ola\Downloads\FRST.exe
2015-02-24 11:16 - 2015-02-24 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ola\Downloads\revosetup95.exe
2015-02-24 11:16 - 2015-02-24 11:16 - 00001222 _____ () C:\Users\ola\Desktop\Revo Uninstaller.lnk
2015-02-24 11:16 - 2015-02-24 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-23 17:36 - 2015-02-23 17:36 - 00000000 ____D () C:\Users\Public\CyberLink
2015-02-23 17:35 - 2015-02-23 17:36 - 00001594 _____ () C:\Windows\VPNUnInstall.MIF
2015-02-23 17:23 - 2015-02-23 17:23 - 00000045 _____ () C:\error.log
2015-02-23 17:05 - 2015-02-23 17:27 - 00000000 ____D () C:\Users\ola\Desktop\MUSIK ALLES
2015-02-23 17:05 - 2015-02-23 17:07 - 00000000 ____D () C:\Users\ola\Desktop\FOTOS ALLES
2015-02-23 13:01 - 2015-02-23 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-02-23 12:47 - 2015-02-23 12:47 - 07778632 _____ () C:\Users\ola\Downloads\Infigo_setup.exe
2015-02-23 11:34 - 2015-02-24 12:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-23 11:32 - 2015-02-23 11:33 - 01388274 _____ (Thisisu) C:\Users\ola\Downloads\JRT42.exe
2015-02-23 11:31 - 2015-02-23 11:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ola\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-22 15:16 - 2015-02-22 15:16 - 00000040 _____ () C:\Users\Public\Documents\_rgpl
2015-02-22 13:40 - 2015-02-22 14:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-22 13:40 - 2015-02-22 13:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-22 13:40 - 2015-02-22 13:40 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-22 13:40 - 2015-02-22 13:40 - 00001337 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-22 13:40 - 2015-02-22 13:40 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-02-22 13:40 - 2015-02-22 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-22 13:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-02-22 13:32 - 2015-02-22 13:32 - 00001175 _____ () C:\Users\ola\Desktop\spybot-2.4.40 - Verknüpfung.lnk
2015-02-22 13:24 - 2015-02-22 13:26 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\ola\Downloads\spybot-2.4.40.exe
2015-02-21 11:18 - 2015-02-21 11:18 - 00000000 ____D () C:\Users\ola\AppData\Roaming\AdobeUM
2015-02-17 16:06 - 2015-02-17 16:07 - 00000000 ____D () C:\Program Files (x86)\Burger Bustle
2015-02-17 16:06 - 2015-02-17 16:06 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burger Bustle
2015-02-17 16:06 - 2015-02-17 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burger Bustle
2015-02-17 15:59 - 2015-02-17 15:59 - 00237568 _____ (Big Fish Games) C:\Users\ola\Downloads\bigfishgames_p230064518_s2_l2.exe
2015-02-15 12:44 - 2015-02-15 12:44 - 00014653 _____ () C:\Users\ola\Downloads\WG Celle (1).xlsx
2015-02-15 12:26 - 2015-02-15 12:26 - 00012427 _____ () C:\Users\ola\Downloads\WG 15A (2).xlsx
2015-02-14 18:55 - 2015-02-14 18:55 - 00012427 _____ () C:\Users\ola\Downloads\WG 15A (1).xlsx
2015-02-14 18:54 - 2015-02-14 18:54 - 00014653 _____ () C:\Users\ola\Downloads\WG Celle.xlsx
2015-02-14 18:53 - 2015-02-14 18:53 - 00012427 _____ () C:\Users\ola\Downloads\WG 15A.xlsx
2015-02-14 14:03 - 2015-02-23 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewelleria
2015-02-14 14:03 - 2015-02-14 14:03 - 00001875 _____ () C:\Users\Public\Desktop\Play Jewelleria.lnk
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Program Files (x86)\Jewelleria
2015-02-14 14:01 - 2015-02-14 14:01 - 00237568 _____ (Big Fish Games) C:\Users\ola\Downloads\bigfishgames_p229860281_s2_l2.exe
2015-02-14 12:46 - 2015-02-14 12:48 - 66714384 _____ (INTENIUM GmbH) C:\Users\ola\Downloads\GreenRanch.exe
2015-02-14 11:09 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 11:09 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 11:09 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 11:09 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 18:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 18:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 18:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 18:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 18:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 18:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 18:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 18:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 18:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 18:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 18:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 18:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 18:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 18:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 18:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 18:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 18:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 18:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 18:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 18:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 18:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 18:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 18:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 18:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 18:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 18:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 18:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 18:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 18:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 18:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 18:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 18:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 18:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 18:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 18:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 18:54 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 18:54 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 18:54 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 18:54 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 18:54 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 18:54 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 18:54 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 18:54 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 18:54 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 18:54 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 18:54 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 18:54 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 18:54 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 18:54 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 18:54 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 18:54 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 18:54 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-12 18:49 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 18:49 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-12 18:49 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 18:45 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 18:45 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 18:45 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 18:45 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 18:45 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 18:45 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 18:45 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 18:45 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 18:45 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 18:45 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 18:45 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 18:45 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 18:45 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 18:45 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 18:45 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 18:45 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 18:45 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 18:45 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 18:44 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 18:44 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 18:44 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-12 18:44 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-12 18:44 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-12 18:44 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-12 18:43 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 18:43 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 18:41 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 18:41 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 18:41 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 18:41 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 18:41 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 18:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 18:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 18:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 18:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 18:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 18:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 18:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 18:40 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 18:40 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 18:38 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 18:05 - 2015-02-12 18:05 - 00000000 ____D () C:\Users\ola\Documents\Simply Super Software
2015-02-12 18:05 - 2015-02-12 18:05 - 00000000 ____D () C:\ProgramData\Licenses
2015-02-12 18:04 - 2015-02-12 18:04 - 00001097 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2015-02-12 18:04 - 2015-02-12 18:04 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-02-12 18:04 - 2015-02-12 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-02-12 18:04 - 2015-02-12 18:04 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-02-12 18:02 - 2015-02-12 18:04 - 31390952 _____ (Simply Super Software ) C:\Users\ola\Downloads\trjsetup691.exe
2015-02-09 15:43 - 2015-02-09 15:43 - 00000000 ____D () C:\Users\ola\AppData\Roaming\MMFApplications
2015-02-09 13:06 - 2015-02-09 13:15 - 361382144 _____ (INTENIUM GmbH) C:\Users\ola\Downloads\Delicious10Sammleredition.exe
2015-02-05 11:37 - 2015-02-05 11:37 - 00000000 ____D () C:\Users\ola\AppData\Local\TuneUp Software
2015-02-05 11:36 - 2015-02-05 11:36 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-05 11:35 - 2015-02-05 11:35 - 00001490 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-02-05 11:35 - 2015-02-05 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-05 11:34 - 2015-02-05 11:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-05 11:34 - 2015-02-05 11:34 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-05 11:32 - 2015-02-05 11:33 - 34792128 _____ (DVDVideoSoft Ltd. ) C:\Users\ola\Downloads\FreeYouTubeToMP354Converter.exe
2015-02-04 16:56 - 2015-02-04 16:56 - 00014927 _____ () C:\Users\ola\Downloads\Steckbrief.odt
2015-01-31 10:44 - 2015-01-31 10:44 - 00000000 __SHD () C:\found.001
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-24 15:11 - 2010-11-08 13:17 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-24 14:50 - 2010-09-08 14:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-24 14:35 - 2013-02-27 22:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-24 14:26 - 2010-10-16 19:21 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA.job
2015-02-24 14:23 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 14:23 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 14:19 - 2010-05-14 19:24 - 01809233 _____ () C:\Windows\WindowsUpdate.log
2015-02-24 14:18 - 2010-10-17 10:13 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Skype
2015-02-24 14:16 - 2010-09-08 14:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 14:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-24 14:15 - 2009-07-14 05:51 - 00225750 _____ () C:\Windows\setupact.log
2015-02-24 13:26 - 2010-10-16 19:21 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core.job
2015-02-24 10:53 - 2010-12-12 15:30 - 00000000 ____D () C:\GameHouse Games
2015-02-24 10:50 - 2010-09-09 18:33 - 01146558 _____ () C:\Windows\PFRO.log
2015-02-24 02:36 - 2013-08-29 15:17 - 00000000 ____D () C:\Users\ola\Desktop\Gruppenleitung
2015-02-24 00:39 - 2010-02-05 19:06 - 00000000 ____D () C:\ProgramData\Temp
2015-02-24 00:28 - 2010-11-19 15:55 - 00000000 ____D () C:\Users\ola\AppData\Local\CrashDumps
2015-02-23 19:07 - 2009-10-15 15:15 - 00000000 ____D () C:\Users\ola\Desktop\Jessi´s Daten
2015-02-23 18:50 - 2010-02-06 03:50 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-02-23 18:50 - 2010-02-06 03:50 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-02-23 18:50 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 18:46 - 2013-06-05 00:09 - 00000000 ____D () C:\Users\ola\Desktop\Kreatives und Merke dir es
2015-02-23 18:37 - 2014-09-20 10:58 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Samsung
2015-02-23 18:37 - 2014-09-20 10:58 - 00000000 ____D () C:\Users\ola\AppData\Local\Samsung
2015-02-23 18:37 - 2014-09-20 10:53 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-02-23 18:36 - 2014-09-20 10:53 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-23 18:36 - 2010-02-05 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-23 18:19 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-23 18:12 - 2010-12-12 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse
2015-02-23 18:12 - 2010-12-12 15:25 - 00000000 ____D () C:\Program Files (x86)\RealArcade
2015-02-23 18:06 - 2010-11-27 16:18 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2015-02-23 17:55 - 2011-11-12 18:50 - 00000000 ____H () C:\ProgramData\PKP_DLdw.DAT
2015-02-23 17:55 - 2011-11-12 18:50 - 00000000 _____ () C:\Users\ola\AppData\Roaming\Database
2015-02-23 17:38 - 2010-02-05 19:06 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2015-02-23 17:26 - 2011-11-12 18:48 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-23 17:26 - 2011-11-12 18:47 - 00000000 ____H () C:\ProgramData\PKP_DLdu.DAT
2015-02-23 17:26 - 2011-11-12 18:47 - 00000000 _____ () C:\Users\ola\AppData\Roaming\Dance
2015-02-23 17:16 - 2010-09-08 14:33 - 00000000 ____D () C:\Users\ola
2015-02-23 17:00 - 2010-11-17 12:14 - 00000000 ____D () C:\Program Files\DivX
2015-02-23 17:00 - 2010-11-17 12:13 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-02-23 17:00 - 2010-11-17 12:12 - 00000000 ____D () C:\ProgramData\DivX
2015-02-23 16:47 - 2015-01-22 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dancing Craze
2015-02-23 16:46 - 2015-01-23 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Keeper 2
2015-02-23 13:00 - 2010-09-08 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-23 12:37 - 2010-09-08 14:51 - 00000000 ____D () C:\Program Files\Google
2015-02-23 12:37 - 2010-09-08 14:51 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 12:34 - 2010-09-08 14:51 - 00000000 ____D () C:\Users\ola\AppData\Local\Google
2015-02-23 12:34 - 2010-09-08 14:51 - 00000000 ____D () C:\ProgramData\Google
2015-02-23 12:20 - 2010-09-18 12:10 - 00209930 _____ () C:\Windows\DPINST.LOG
2015-02-23 12:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2015-02-23 11:39 - 2010-11-12 10:42 - 00000000 ____D () C:\ProgramData\Alawar Stargaze
2015-02-23 11:26 - 2010-02-05 19:32 - 00000000 ____D () C:\ProgramData\Norton
2015-02-22 13:28 - 2011-05-30 09:37 - 00000000 ____D () C:\Users\TEMP
2015-02-21 10:29 - 2010-10-16 19:21 - 00002344 _____ () C:\Users\ola\Desktop\Google Chrome.lnk
2015-02-20 11:07 - 2010-12-16 13:07 - 00000000 ____D () C:\Users\ola\AppData\Roaming\HP Support Assistant
2015-02-20 11:07 - 2010-09-09 18:38 - 00000000 ____D () C:\Users\ola\AppData\Roaming\HpUpdate
2015-02-18 14:09 - 2013-07-10 14:21 - 00000000 ____D () C:\BigFishCache
2015-02-15 17:23 - 2010-12-05 15:21 - 00001885 _____ () C:\Users\ola\Documents\DancingCraze.log
2015-02-15 13:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-15 10:59 - 2014-03-04 18:16 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Juliette's Fashion Empire DE
2015-02-14 12:54 - 2013-11-30 20:41 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Palaplay
2015-02-14 12:53 - 2014-12-10 17:31 - 00001089 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2015-02-14 11:44 - 2014-08-18 08:44 - 00000000 ____D () C:\Users\ola\AppData\Local\com.gamehouse.acid
2015-02-14 10:44 - 2009-07-14 05:45 - 00460736 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 10:42 - 2014-12-11 03:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-14 10:42 - 2014-05-06 09:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 01:39 - 2010-09-16 19:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 01:27 - 2013-08-14 09:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 00:13 - 2010-10-08 20:49 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-12 18:00 - 2013-10-23 16:12 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-12 17:59 - 2013-07-12 10:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-12 17:56 - 2014-11-24 12:08 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-12 17:56 - 2014-11-24 12:08 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-12 17:56 - 2014-11-24 12:08 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-12 17:56 - 2014-11-24 12:08 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-12 17:56 - 2014-11-24 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-09 13:21 - 2010-10-16 19:21 - 00004078 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA
2015-02-09 13:21 - 2010-10-16 19:21 - 00003682 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core
2015-02-05 12:36 - 2013-02-27 22:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 12:36 - 2013-02-27 22:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 12:36 - 2011-05-18 15:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 11:40 - 2012-06-25 12:20 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-05 11:37 - 2012-06-25 12:20 - 00000000 ____D () C:\Users\ola\AppData\Roaming\TuneUp Software
2015-02-05 11:35 - 2011-07-28 17:56 - 00000000 ____D () C:\Users\ola\AppData\Roaming\DVDVideoSoft
2015-02-04 10:45 - 2010-09-08 14:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 10:45 - 2010-09-08 14:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2010-11-16 13:57 - 2010-11-16 13:57 - 0774144 _____ (RealNetworks, Inc.) C:\Program Files (x86)\RngInterstitial.dll
2011-11-12 18:47 - 2015-02-23 17:26 - 0000000 _____ () C:\Users\ola\AppData\Roaming\Dance
2011-11-12 18:50 - 2015-02-23 17:55 - 0000000 _____ () C:\Users\ola\AppData\Roaming\Database
2011-06-05 17:42 - 2011-06-15 12:03 - 0000011 _____ () C:\Users\ola\AppData\Roaming\log.txt
2014-06-16 10:04 - 2014-06-16 10:04 - 0000216 _____ () C:\Users\ola\AppData\Roaming\wklnhst.dat
2011-01-08 02:14 - 2011-01-08 02:18 - 0022016 _____ () C:\Users\ola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-16 14:02 - 2010-12-06 16:45 - 0000198 _____ () C:\Users\ola\AppData\Local\DownloadLog.txt
2012-01-02 10:07 - 2012-01-02 11:07 - 0153043 _____ () C:\Users\ola\AppData\Local\log.txt
2011-05-19 13:03 - 2011-05-19 13:03 - 0006474 _____ () C:\Users\ola\AppData\Local\tmp148996_172999622712932_100000086862591_620133_4604791_S.0
2011-05-19 13:03 - 2011-05-19 13:03 - 0006419 _____ () C:\Users\ola\AppData\Local\tmp148996_172999622712932_100000086862591_620133_4604791_S.JPG
2010-12-03 15:20 - 2014-11-14 05:07 - 0014983 _____ () C:\ProgramData\hpzinstall.log
2011-11-12 18:47 - 2015-02-23 17:26 - 0000000 ____H () C:\ProgramData\PKP_DLdu.DAT
2011-11-12 18:50 - 2015-02-23 17:55 - 0000000 ____H () C:\ProgramData\PKP_DLdw.DAT
Files to move or delete:
====================
C:\Users\ola\cudart32_30_14.dll
C:\Users\ola\vedFramework.dll
C:\Users\ola\XMLWrapper.dll
Some content of TEMP:
====================
C:\Users\ola\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\ola\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\ola\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\ola\AppData\Local\Temp\ose00000.exe
C:\Users\ola\AppData\Local\Temp\Quarantine.exe
C:\Users\ola\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\ola\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\ola\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-23 13:42
==================== End Of Log ============================
|
|
24.02.2015, 15:16
| #17 |
| | Hilfe!!! Internet öffnet selbstständig Fenster.Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2015
Ran by ola at 2015-02-24 15:12:22
Running from C:\Users\ola\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader 8.3.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Music (HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
ATI Catalyst Install Manager (HKLM\...\{67CA5B4D-32DA-B54C-1851-F68ECD83262E}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Bauern-Spass (HKLM-x32\...\{08C06EC7-FD54-4C4E-9FED-1E8DA7367BE3}) (Version: 1.00.0000 - Intenium GmbH)
Bauern-Spaß (HKLM-x32\...\Bauern-Spaß) (Version: 1.0.0.0 - INTENIUM GmbH)
Beach Party Craze Deluxe (HKLM-x32\...\ab25efd7edca8068e25022a8dcb023bc) (Version: - Zylom)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Burger Bustle (HKLM-x32\...\BFG-Burger Bustle) (Version: - )
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Cake Mania Main Street (HKLM-x32\...\BFG-Cake Mania Main Street) (Version: - )
Cake Mania: Lights, Camera, Action! (HKLM-x32\...\BFG-Cake Mania - Lights, Camera, Action) (Version: - )
ccc-core-static (x32 Version: 2009.1201.2247.40849 - Ihr Firmenname) Hidden
Chicken Invaders 4 – Weihnachtsedition (HKLM-x32\...\Chicken Invaders 4 – Weihnachtsedition) (Version: 1.0.0.0 - INTENIUM GmbH)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Dancing Craze (HKLM-x32\...\BFG-Dancing Craze) (Version: - )
Delicious: Emily und die Traumhochzeit Sammleredition (HKLM-x32\...\Delicious: Emily und die Traumhochzeit Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)
Der Bau der Chinesischen Mauer (HKLM-x32\...\Der Bau der Chinesischen Mauer) (Version: - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.4.38 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\{D2B31FE6-127F-4E79-8186-F080A282FBC7}) (Version: 1.0.0.46 - Intenium GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
DEUTSCHLAND SPIELT Spiele Post (HKLM-x32\...\DEUTSCHLAND SPIELT Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Die FreeRide Games Bar Toolbar (HKLM-x32\...\Die_FreeRide_Games_Bar Toolbar) (Version: 6.5.2.8 - Die FreeRide Games Bar)
Die Legende von Atlantis - Exodus (HKLM-x32\...\{AB49EB53-CEA8-40F1-828B-7DE5D7D158F0}) (Version: 1.00.0000 - Intenium GmbH)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Double Pack SuperMarket Management Deluxe (HKLM-x32\...\7283d44070835c6bc64e323b40b6ec9f) (Version: - Zylom)
Dragon Keeper 2 (HKLM-x32\...\BFG-Dragon Keeper 2) (Version: - )
DragonStone (HKLM-x32\...\BFG-DragonStone) (Version: - )
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Farm Mania Hot Vacation (HKLM-x32\...\Farm Mania Hot Vacation_is1) (Version: - Realore Studios)
Farmscapes (HKLM-x32\...\BFG-Farmscapes) (Version: - )
Farmscapes (HKLM-x32\...\Farmscapes_is1) (Version: - Playrix Entertainment)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Audio CD Burner version 1.4.8 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
GameCatalog42.2013 (x32 Version: 1.00.0000 - Intenium GmbH) Hidden
GameTreat Player (HKLM-x32\...\{AC323D63-F1B1-4FA6-88B1-72E74025036E}) (Version: - )
GMX Internet Explorer Addon (HKLM-x32\...\1&1 Mail & Media GmbH 1und1InternetExplorerAddon) (Version: 1.0.1.0 - 1&1 Mail & Media GmbH)
GMX Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 2.0.1.5 - 1&1 Mail & Media GmbH)
GMX Toolbar für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 1.7.2.0 - 1&1 Mail & Media GmbH)
GMX Toolbar MSVC100 CRT x64 (Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
GMX Toolbar MSVC100 CRT x86 (x32 Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
Google Chrome (HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grave Mania: Zombiefieber (HKLM-x32\...\BFG-Grave Mania - Zombiefieber) (Version: - )
Hardwarediagnosetools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hello Venice (HKLM-x32\...\{6B19A215-DFA2-440D-B972-08CEEB77F078}) (Version: 1.00.0000 - Intenium GmbH)
Hello Venice (HKLM-x32\...\BFG-Hello Venice) (Version: - )
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}) (Version: 5.1.10.7 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.128.0 - ATI Technologies Inc.) Hidden
Insaniquarium Deluxe (HKLM-x32\...\9a14c916588716e1e4a91a4414907685) (Version: - Zylom)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Island Tribe (HKLM-x32\...\Island Tribe_is1) (Version: - Realore Studios)
Island Tribe 2 (HKLM-x32\...\BFG-Island Tribe 2) (Version: - )
Island Tribe 2 (HKLM-x32\...\Island Tribe 2_is1) (Version: - Realore Studios)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jet Set Go (HKLM-x32\...\Jet Set Go) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewelleria (HKLM-x32\...\BFG-Jewelleria) (Version: - )
Juliettes Mode-Imperium (HKLM-x32\...\Juliettes Mode-Imperium) (Version: 1.0.0.0 - INTENIUM GmbH)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Katy + Bob (HKLM-x32\...\Katy + Bob) (Version: - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mein eigener Bauernhof (HKLM-x32\...\Mein eigener Bauernhof_is1) (Version: - Realore Studios)
Mein eigener Bauernhof 2 (HKLM-x32\...\Mein eigener Bauernhof 2_is1) (Version: - Realore Studios)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\MyFreeCodec) (Version: - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Paradise Beach 2 (HKLM-x32\...\{63C716AA-D7E0-4ED4-AC70-84F255F2AD55}) (Version: 1.00.0000 - Intenium GmbH)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
Pet Show Craze Deluxe (HKLM-x32\...\7d89a1ed80d764888be08d8ed2b7ddbb) (Version: - Zylom)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ritter Arthur 4 (HKLM-x32\...\Ritter Arthur 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur III (HKLM-x32\...\Ritter Arthur III) (Version: 1.0.0.0 - INTENIUM GmbH)
Roads Of Rome (HKLM-x32\...\Roads Of Rome_is1) (Version: - Realore Studios)
Roads of Rome 3 (HKLM-x32\...\Roads of Rome 3) (Version: 32.0.0.0 - Shockwave.com)
Royal Envoy (HKLM-x32\...\Royal Envoy_is1) (Version: - Playrix Entertainment)
Royal Envoy 2 (HKLM-x32\...\Royal Envoy 2_is1) (Version: - Playrix Entertainment)
Sally's Quick Clips (HKLM-x32\...\c59fb4f519ae3f5779eefbda2291335c) (Version: - Zylom)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Viking Saga (HKLM-x32\...\b084798fee4191843dbe5cdb90c900ef) (Version: - GameHouse)
Viking Saga (HKLM-x32\...\BFG-Viking Saga) (Version: - )
viking saga (HKLM-x32\...\viking saga_is1) (Version: - Realore Studios)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Salon Deluxe (HKLM-x32\...\3866c7ce7716fadf1b53a2ff8d90be59) (Version: - Zylom)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.20 - WildTangent)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Youda Farmer (HKLM-x32\...\Youda Farmer) (Version: - )
Youda Farmer 3: Jahreszeiten (HKLM-x32\...\Youda Farmer 3: Jahreszeiten) (Version: 1.0.0.0 - INTENIUM GmbH)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
19-02-2015 10:17:20 Windows Update
23-02-2015 13:00:22 Windows Update
23-02-2015 16:54:54 TuneUp Utilities 2014 wird entfernt
23-02-2015 16:57:13 TuneUp Utilities 2014 (de-DE) wird entfernt
23-02-2015 17:15:48 Entfernt Panorama Maker
23-02-2015 17:23:41 Entfernt MediaImpression
23-02-2015 17:25:48 Removed Nikon Transfer
23-02-2015 17:35:06 Removed Cisco Systems VPN Client 5.0.07.0290
23-02-2015 17:37:17 Konfiguriert PowerStarter
23-02-2015 17:43:03 Removed Die Ratten.
23-02-2015 17:51:57 Removed File Uploader
23-02-2015 17:52:36 Removed File Uploader
23-02-2015 17:53:14 Removed Nikon Message Center
23-02-2015 17:53:32 Removed Picture Control Utility
23-02-2015 17:54:15 Removed ViewNX
23-02-2015 17:55:52 Removed File Uploader
23-02-2015 17:56:30 Removed Picture Control Utility
23-02-2015 18:03:42 Removed The Clockmaker - Die Stunde des Uhrmachers.
23-02-2015 18:34:51 Removed Samsung Kies
24-02-2015 13:07:56 Malwarebytes Anti-Rootkit Restore Point
24-02-2015 13:57:30 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0ADCF13C-D003-4C8D-94D7-EE901DA4A609} - System32\Tasks\{440C16AE-EFF7-4451-9E33-E04BFA205354} => Chrome.exe
Task: {222EB722-32B4-4C08-A2A1-67E2C6283CC2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {2CF4D595-4B23-416F-88CA-2861FD7D3B76} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {3B847ADD-D18A-42AB-B426-0774014E7014} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {42BF959D-4F51-4743-BF0E-ACD9096DECDA} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {43F46D89-5F6B-4D5D-AB7F-A404A7B51100} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {48C7550E-5201-4279-A0F1-2C60B8B60BB0} - System32\Tasks\{5F0472E8-4636-4748-8486-5A34D579AEB8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {52BAA416-89BB-4321-B717-345162D64B72} - System32\Tasks\{DDDAEAD7-D45D-41AA-8A89-B0F818DE02C4} => pcalua.exe -a "C:\Program Files (x86)\Shockwave.com\Camp Funshine - Carrie the Caregiver 3\Camp Funshine - Carrie the Caregiver 3.exe" -d C:\Users\ola\Desktop
Task: {56DB60FE-FFCB-467B-93F0-6FF5E9A07FF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {584CA625-7C99-4E0E-BE5F-9CDB3F94CE91} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {5FB1A7E7-2BF3-4A45-80B1-B8F6FA877477} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {724F7291-CE40-41A1-A9A0-924316DE2390} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {85DA9ABF-C6C3-448C-B5BE-8A01C40C2840} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {94621FE4-1114-43E4-A95C-B112540CE59C} - System32\Tasks\1und1 Konfiguration => C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe [2011-04-19] (1und1 Mail und Media GmbH)
Task: {9605CCA3-7C86-4ACC-90A5-3EBFA29BDB3B} - System32\Tasks\{AF6F217A-6557-4705-A11D-D8705CE52A49} => pcalua.exe -a "C:\Users\ola\Downloads\DancingCraze (1).exe" -d C:\Users\ola\Downloads
Task: {AA7B0780-C9B8-4CAD-95CC-371756F5B285} - System32\Tasks\{CAF7B480-2A56-4CF5-BEA1-D717E2B4F1AF} => pcalua.exe -a "C:\Users\ola\Downloads\InstallCakeMania2 (1).exe" -d C:\Users\ola\Downloads
Task: {AD1C7FB3-7C40-4FBA-ABB5-76BF963ECE99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {B50C9F2D-9499-4AB6-A724-C8AC8FA222D3} - System32\Tasks\{996E5C7A-CCAE-4656-8D5D-89BE152FD3E4} => pcalua.exe -a C:\Users\ola\Desktop\DiamondDrop2.exe -d C:\Users\ola\Desktop
Task: {B609AA2B-B181-43D3-84EC-B660DC3C01EC} - System32\Tasks\{208FEADB-A1A9-4840-8445-2DE9903BAFDA} => pcalua.exe -a "C:\Users\ola\Downloads\RitterArthur4 (1).exe" -d C:\Users\ola\Downloads
Task: {B9BFC3EB-5A7E-43D6-83AF-E11CDD19DDA2} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2011-06-08] (1&1 Mail & Media GmbH)
Task: {C1EA5B84-2B14-43D4-A295-95C026651C8F} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {C6409590-4B9B-4502-8AF5-0B8C7D0C9E64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {C675942D-5330-49A1-9E19-48953EF659E6} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {D08BC7DE-3204-457E-9541-091F2EEE1449} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E056F0DF-D200-4A05-AD81-BBA7BAC162FB} - System32\Tasks\{2FA90A2F-3E1B-4BDC-980B-0704EA92DA79} => pcalua.exe -a "C:\Users\ola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLAXA7BL\DiamondDrop2[1].exe" -d C:\Users\ola\Desktop
Task: {F7874B80-5184-4793-9FE4-3165B5525F41} - System32\Tasks\{0CF927CB-81C6-4D35-B425-FA96E1EA5DF3} => pcalua.exe -a "C:\Users\ola\Downloads\DieSpurensucher (1).exe" -d C:\Users\ola\Downloads
Task: {F78C369F-738B-4EDA-841C-520FA6C0878B} - System32\Tasks\{9B58D4A6-80C8-4626-96C0-D2D146DBFF74} => pcalua.exe -a "J:\maren\Office 2007 - Deutsch + seriell\setup.exe" -d "J:\maren\Office 2007 - Deutsch + seriell"
Task: {F8496263-A388-4A62-8EA8-52DA054C5770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core.job => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA.job => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
==================== Loaded Modules (whitelisted) ==============
2009-09-14 16:17 - 2009-09-14 16:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-09-12 18:39 - 2014-09-06 01:54 - 06281536 _____ () C:\Users\ola\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-06-26 11:25 - 2009-06-26 11:25 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-02-05 19:04 - 2010-02-05 19:04 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-02-22 13:40 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-22 13:40 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-22 13:40 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-22 13:40 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-22 13:40 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-02-05 19:03 - 2009-10-02 12:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2010-05-04 15:36 - 2010-05-04 15:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2009-10-22 18:50 - 2009-10-22 18:50 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-02-21 10:29 - 2015-02-17 23:44 - 01117512 _____ () C:\Users\ola\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-21 10:29 - 2015-02-17 23:44 - 00211272 _____ () C:\Users\ola\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-21 10:29 - 2015-02-17 23:44 - 09171272 _____ () C:\Users\ola\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\ola:zylomtest
AlternateDataStreams: C:\Users\ola:zylomtr{0000278T-TT9K-T8DU-07LG-28DG94S2MVRH}
AlternateDataStreams: C:\Users\ola:zylomtr{0000278T-TT9K-T8DU-07LG-28DG94S2MVTH}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-70L9-2A8RJ1B4CV71}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-70L9-2A8RJ1B4CVL4}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-9MH3-29NVUQ9IEVPR}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-GEOR-27TDF94KAVIC}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-QFBF-26K1JL6KQVVO}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-1VH8-28I0EFCC2VOB}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-1VH8-28I0EFCC2VVP}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-3BG4-281NL05DCVTO}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-6E2T-2B6FMQRBGVRR}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-6E2T-2B6FMQRBGVTH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU4}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-J24H-293SB52ICVVS}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-CB1H-264U84BSAVVN}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVIR}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVPQ}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVQQ}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVUC}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-V08M-26E8LC4K2VVR}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-1EMN-28M5NPU00VQH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-1EMN-295K77I0IVVI}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-40QI-27REBT9KOVVK}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-7U7M-26FBSL48IVVJ}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-8AT4-258NF6K78VST}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-L1G2-28QRSPMS6VVH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-L4Q0-290ETKLEB000}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-O5NG-26MTF54NEVSV}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-S3H7-2A5PQROOQVT8}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-S3H7-2A5PQROOQVVP}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-3S8E-27J3AJ6UT000}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-5TO3-2831TOKLCVUL}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-74E3-28689HMLOVUP}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-US8E-26I93FV2MVV4}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG5-8A6T-26VOTC6OMVND}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVKL}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVLH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVML}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVOE}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-64CA-2ASVQDAHMVP0}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-64CA-2ASVQDAHMVS3}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-5P29-2A14KFREQVPV}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-9H53-25QU2TIGSVVL}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-27Q18NRLP000}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVTT}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVVI}
AlternateDataStreams: C:\Users\ola:zylomtr{1000278T-TT9K-T8DU-1KFV-23O5NTEJMVRJ}
AlternateDataStreams: C:\ProgramData\Temp:00F3978A
AlternateDataStreams: C:\ProgramData\Temp:014BC3B4
AlternateDataStreams: C:\ProgramData\Temp:02B823FE
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:059167AF
AlternateDataStreams: C:\ProgramData\Temp:06B8FE62
AlternateDataStreams: C:\ProgramData\Temp:073139EC
AlternateDataStreams: C:\ProgramData\Temp:07C99568
AlternateDataStreams: C:\ProgramData\Temp:07D9FF25
AlternateDataStreams: C:\ProgramData\Temp:0915A718
AlternateDataStreams: C:\ProgramData\Temp:0988A428
AlternateDataStreams: C:\ProgramData\Temp:09CD1DC6
AlternateDataStreams: C:\ProgramData\Temp:0ACF1AF5
AlternateDataStreams: C:\ProgramData\Temp:0AE2C68F
AlternateDataStreams: C:\ProgramData\Temp:0AF6266B
AlternateDataStreams: C:\ProgramData\Temp:0BABC4C8
AlternateDataStreams: C:\ProgramData\Temp:0BF4DA47
AlternateDataStreams: C:\ProgramData\Temp:0C2A17F2
AlternateDataStreams: C:\ProgramData\Temp:0C2F9CC7
AlternateDataStreams: C:\ProgramData\Temp:0CCCEDA1
AlternateDataStreams: C:\ProgramData\Temp:0CDF8C3D
AlternateDataStreams: C:\ProgramData\Temp:0DFE2AE1
AlternateDataStreams: C:\ProgramData\Temp:0E5CFA74
AlternateDataStreams: C:\ProgramData\Temp:0E61938B
AlternateDataStreams: C:\ProgramData\Temp:0FC68B9A
AlternateDataStreams: C:\ProgramData\Temp:10094A5D
AlternateDataStreams: C:\ProgramData\Temp:104A718B
AlternateDataStreams: C:\ProgramData\Temp:109BD730
AlternateDataStreams: C:\ProgramData\Temp:10D45FC3
AlternateDataStreams: C:\ProgramData\Temp:10D98D98
AlternateDataStreams: C:\ProgramData\Temp:120E44A4
AlternateDataStreams: C:\ProgramData\Temp:122B409D
AlternateDataStreams: C:\ProgramData\Temp:1297FF3C
AlternateDataStreams: C:\ProgramData\Temp:12A012A1
AlternateDataStreams: C:\ProgramData\Temp:1419F1F4
AlternateDataStreams: C:\ProgramData\Temp:14FA5E46
AlternateDataStreams: C:\ProgramData\Temp:15381DB9
AlternateDataStreams: C:\ProgramData\Temp:1656EE95
AlternateDataStreams: C:\ProgramData\Temp:165AF2C6
AlternateDataStreams: C:\ProgramData\Temp:169E7AC5
AlternateDataStreams: C:\ProgramData\Temp:16A4620C
AlternateDataStreams: C:\ProgramData\Temp:16C16B18
AlternateDataStreams: C:\ProgramData\Temp:16F42F1F
AlternateDataStreams: C:\ProgramData\Temp:175721D5
AlternateDataStreams: C:\ProgramData\Temp:17F7AEA3
AlternateDataStreams: C:\ProgramData\Temp:18345E10
AlternateDataStreams: C:\ProgramData\Temp:193CB03B
AlternateDataStreams: C:\ProgramData\Temp:197DD5C6
AlternateDataStreams: C:\ProgramData\Temp:1ADC4BD5
AlternateDataStreams: C:\ProgramData\Temp:1B3549F2
AlternateDataStreams: C:\ProgramData\Temp:1D4A17AE
AlternateDataStreams: C:\ProgramData\Temp:1D8551A3
AlternateDataStreams: C:\ProgramData\Temp:1E288DA3
AlternateDataStreams: C:\ProgramData\Temp:1E7308B6
AlternateDataStreams: C:\ProgramData\Temp:1EAB6298
AlternateDataStreams: C:\ProgramData\Temp:1FF82161
AlternateDataStreams: C:\ProgramData\Temp:206470A5
AlternateDataStreams: C:\ProgramData\Temp:217A2A36
AlternateDataStreams: C:\ProgramData\Temp:2216A431
AlternateDataStreams: C:\ProgramData\Temp:23622B8B
AlternateDataStreams: C:\ProgramData\Temp:2487D1DA
AlternateDataStreams: C:\ProgramData\Temp:24F08129
AlternateDataStreams: C:\ProgramData\Temp:258D2F8B
AlternateDataStreams: C:\ProgramData\Temp:2640C43F
AlternateDataStreams: C:\ProgramData\Temp:268A5068
AlternateDataStreams: C:\ProgramData\Temp:269C0B5C
AlternateDataStreams: C:\ProgramData\Temp:274516E7
AlternateDataStreams: C:\ProgramData\Temp:2775F9E2
AlternateDataStreams: C:\ProgramData\Temp:282CE153
AlternateDataStreams: C:\ProgramData\Temp:28819F45
AlternateDataStreams: C:\ProgramData\Temp:28CCFEFB
AlternateDataStreams: C:\ProgramData\Temp:29C0641D
AlternateDataStreams: C:\ProgramData\Temp:2C14DBD1
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:2CDB9CA3
AlternateDataStreams: C:\ProgramData\Temp:2CED8825
AlternateDataStreams: C:\ProgramData\Temp:2D0DFF22
AlternateDataStreams: C:\ProgramData\Temp:2D1AE3BE
AlternateDataStreams: C:\ProgramData\Temp:2D3CB929
AlternateDataStreams: C:\ProgramData\Temp:2EB79F01
AlternateDataStreams: C:\ProgramData\Temp:2F7C40B6
AlternateDataStreams: C:\ProgramData\Temp:30E0D641
AlternateDataStreams: C:\ProgramData\Temp:3113BD8B
AlternateDataStreams: C:\ProgramData\Temp:3118E26B
AlternateDataStreams: C:\ProgramData\Temp:31F2397C
AlternateDataStreams: C:\ProgramData\Temp:329BA65B
AlternateDataStreams: C:\ProgramData\Temp:32AA69ED
AlternateDataStreams: C:\ProgramData\Temp:32AE8659
AlternateDataStreams: C:\ProgramData\Temp:346337E3
AlternateDataStreams: C:\ProgramData\Temp:3487C53E
AlternateDataStreams: C:\ProgramData\Temp:349E5B74
AlternateDataStreams: C:\ProgramData\Temp:34FDB459
AlternateDataStreams: C:\ProgramData\Temp:35629AE6
AlternateDataStreams: C:\ProgramData\Temp:36608448
AlternateDataStreams: C:\ProgramData\Temp:366B74CA
AlternateDataStreams: C:\ProgramData\Temp:37994DBE
AlternateDataStreams: C:\ProgramData\Temp:385E2CFD
AlternateDataStreams: C:\ProgramData\Temp:38A0E181
AlternateDataStreams: C:\ProgramData\Temp:38FF076E
AlternateDataStreams: C:\ProgramData\Temp:393F7B1E
AlternateDataStreams: C:\ProgramData\Temp:395F6776
AlternateDataStreams: C:\ProgramData\Temp:3991CD7D
AlternateDataStreams: C:\ProgramData\Temp:3AC0ED43
AlternateDataStreams: C:\ProgramData\Temp:3B07E6F4
AlternateDataStreams: C:\ProgramData\Temp:3BAD65EA
AlternateDataStreams: C:\ProgramData\Temp:3C0F646D
AlternateDataStreams: C:\ProgramData\Temp:3C6860C5
AlternateDataStreams: C:\ProgramData\Temp:3D033DEC
AlternateDataStreams: C:\ProgramData\Temp:3D67D093
AlternateDataStreams: C:\ProgramData\Temp:3DF63AD7
AlternateDataStreams: C:\ProgramData\Temp:3FE1A827
AlternateDataStreams: C:\ProgramData\Temp:41289DF0
AlternateDataStreams: C:\ProgramData\Temp:41884BBE
AlternateDataStreams: C:\ProgramData\Temp:426D1496
AlternateDataStreams: C:\ProgramData\Temp:432EC713
AlternateDataStreams: C:\ProgramData\Temp:4363DE71
AlternateDataStreams: C:\ProgramData\Temp:439E3411
AlternateDataStreams: C:\ProgramData\Temp:43C9D140
AlternateDataStreams: C:\ProgramData\Temp:43E95997
AlternateDataStreams: C:\ProgramData\Temp:44E16D4A
AlternateDataStreams: C:\ProgramData\Temp:450ABF8D
AlternateDataStreams: C:\ProgramData\Temp:4573A78F
AlternateDataStreams: C:\ProgramData\Temp:45F3AD49
AlternateDataStreams: C:\ProgramData\Temp:46A2F27B
AlternateDataStreams: C:\ProgramData\Temp:4709F39D
AlternateDataStreams: C:\ProgramData\Temp:474D8B37
AlternateDataStreams: C:\ProgramData\Temp:483AC68A
AlternateDataStreams: C:\ProgramData\Temp:490BCC52
AlternateDataStreams: C:\ProgramData\Temp:49B217F7
AlternateDataStreams: C:\ProgramData\Temp:4A03F06E
AlternateDataStreams: C:\ProgramData\Temp:4A0829E0
AlternateDataStreams: C:\ProgramData\Temp:4A5CFD3B
AlternateDataStreams: C:\ProgramData\Temp:4A966CC2
AlternateDataStreams: C:\ProgramData\Temp:4B70A9FA
AlternateDataStreams: C:\ProgramData\Temp:4C16B46B
AlternateDataStreams: C:\ProgramData\Temp:4C3504B5
AlternateDataStreams: C:\ProgramData\Temp:4C71A42B
AlternateDataStreams: C:\ProgramData\Temp:4EF94CF3
AlternateDataStreams: C:\ProgramData\Temp:512336B9
AlternateDataStreams: C:\ProgramData\Temp:5279F7BF
AlternateDataStreams: C:\ProgramData\Temp:52B3B2D1
AlternateDataStreams: C:\ProgramData\Temp:5335CE76
AlternateDataStreams: C:\ProgramData\Temp:54531C7D
AlternateDataStreams: C:\ProgramData\Temp:554C6431
AlternateDataStreams: C:\ProgramData\Temp:56699AAF
AlternateDataStreams: C:\ProgramData\Temp:56C17A93
AlternateDataStreams: C:\ProgramData\Temp:56C66609
AlternateDataStreams: C:\ProgramData\Temp:57173DB4
AlternateDataStreams: C:\ProgramData\Temp:5742B6F5
AlternateDataStreams: C:\ProgramData\Temp:574F975B
AlternateDataStreams: C:\ProgramData\Temp:57619D72
AlternateDataStreams: C:\ProgramData\Temp:57CC1FDC
AlternateDataStreams: C:\ProgramData\Temp:57EE48CA
AlternateDataStreams: C:\ProgramData\Temp:592D7272
AlternateDataStreams: C:\ProgramData\Temp:59846E5E
AlternateDataStreams: C:\ProgramData\Temp:5A068EE1
AlternateDataStreams: C:\ProgramData\Temp:5A437AC3
AlternateDataStreams: C:\ProgramData\Temp:5C0940F1
AlternateDataStreams: C:\ProgramData\Temp:5C3ED5BB
AlternateDataStreams: C:\ProgramData\Temp:5C4A588B
AlternateDataStreams: C:\ProgramData\Temp:5CE2502D
AlternateDataStreams: C:\ProgramData\Temp:5D1BA9DE
AlternateDataStreams: C:\ProgramData\Temp:5DB4FD98
AlternateDataStreams: C:\ProgramData\Temp:5E05F78B
AlternateDataStreams: C:\ProgramData\Temp:5E209A50
AlternateDataStreams: C:\ProgramData\Temp:5E24C78B
AlternateDataStreams: C:\ProgramData\Temp:5ED747B8
AlternateDataStreams: C:\ProgramData\Temp:5FB7A2BD
AlternateDataStreams: C:\ProgramData\Temp:600F6768
AlternateDataStreams: C:\ProgramData\Temp:60AC3BC3
AlternateDataStreams: C:\ProgramData\Temp:60E0AB2A
AlternateDataStreams: C:\ProgramData\Temp:61C6B926
AlternateDataStreams: C:\ProgramData\Temp:61FEC5E3
AlternateDataStreams: C:\ProgramData\Temp:6301CE40
AlternateDataStreams: C:\ProgramData\Temp:639BB5E9
AlternateDataStreams: C:\ProgramData\Temp:640DDEFF
AlternateDataStreams: C:\ProgramData\Temp:64996B1C
AlternateDataStreams: C:\ProgramData\Temp:65484F45
AlternateDataStreams: C:\ProgramData\Temp:663B62CA
AlternateDataStreams: C:\ProgramData\Temp:6677D85A
AlternateDataStreams: C:\ProgramData\Temp:66AA0486
AlternateDataStreams: C:\ProgramData\Temp:67396145
AlternateDataStreams: C:\ProgramData\Temp:67421CB3
AlternateDataStreams: C:\ProgramData\Temp:67842DB7
AlternateDataStreams: C:\ProgramData\Temp:68FC22BD
AlternateDataStreams: C:\ProgramData\Temp:696F7DA7
AlternateDataStreams: C:\ProgramData\Temp:69F562A6
AlternateDataStreams: C:\ProgramData\Temp:69FE2EE4
AlternateDataStreams: C:\ProgramData\Temp:6AD65294
AlternateDataStreams: C:\ProgramData\Temp:6B28173C
AlternateDataStreams: C:\ProgramData\Temp:6C13E971
AlternateDataStreams: C:\ProgramData\Temp:6DDFD746
AlternateDataStreams: C:\ProgramData\Temp:6E3C585B
AlternateDataStreams: C:\ProgramData\Temp:6F57F1D1
AlternateDataStreams: C:\ProgramData\Temp:6FA346B6
AlternateDataStreams: C:\ProgramData\Temp:6FD36C4B
AlternateDataStreams: C:\ProgramData\Temp:6FDE1666
AlternateDataStreams: C:\ProgramData\Temp:716C3D9F
AlternateDataStreams: C:\ProgramData\Temp:723E56EC
AlternateDataStreams: C:\ProgramData\Temp:72C99D4E
AlternateDataStreams: C:\ProgramData\Temp:73461BFA
AlternateDataStreams: C:\ProgramData\Temp:73B78E79
AlternateDataStreams: C:\ProgramData\Temp:7425C891
AlternateDataStreams: C:\ProgramData\Temp:77E239B1
AlternateDataStreams: C:\ProgramData\Temp:7804B508
AlternateDataStreams: C:\ProgramData\Temp:78794301
AlternateDataStreams: C:\ProgramData\Temp:79C6A9CE
AlternateDataStreams: C:\ProgramData\Temp:7B8AF9AA
AlternateDataStreams: C:\ProgramData\Temp:7BB584AA
AlternateDataStreams: C:\ProgramData\Temp:7BBC3CCD
AlternateDataStreams: C:\ProgramData\Temp:7E4E56EA
AlternateDataStreams: C:\ProgramData\Temp:7E979BC9
AlternateDataStreams: C:\ProgramData\Temp:7EABF26C
AlternateDataStreams: C:\ProgramData\Temp:7ECD9621
AlternateDataStreams: C:\ProgramData\Temp:7F4DB476
AlternateDataStreams: C:\ProgramData\Temp:800FE171
AlternateDataStreams: C:\ProgramData\Temp:806E55F5
AlternateDataStreams: C:\ProgramData\Temp:80BFDE16
AlternateDataStreams: C:\ProgramData\Temp:80E965A3
AlternateDataStreams: C:\ProgramData\Temp:81067530
AlternateDataStreams: C:\ProgramData\Temp:8247A199
AlternateDataStreams: C:\ProgramData\Temp:82756AB7
AlternateDataStreams: C:\ProgramData\Temp:82EAE27C
AlternateDataStreams: C:\ProgramData\Temp:82FF14B1
AlternateDataStreams: C:\ProgramData\Temp:83BAA24B
AlternateDataStreams: C:\ProgramData\Temp:84C07F6B
AlternateDataStreams: C:\ProgramData\Temp:84FA02E7
AlternateDataStreams: C:\ProgramData\Temp:85345626
AlternateDataStreams: C:\ProgramData\Temp:87452B14
AlternateDataStreams: C:\ProgramData\Temp:87E3D720
AlternateDataStreams: C:\ProgramData\Temp:880F0FEF
AlternateDataStreams: C:\ProgramData\Temp:8967C154
AlternateDataStreams: C:\ProgramData\Temp:896E1EFF
AlternateDataStreams: C:\ProgramData\Temp:896FF808
AlternateDataStreams: C:\ProgramData\Temp:89FC8EEB
AlternateDataStreams: C:\ProgramData\Temp:8AA99C0C
AlternateDataStreams: C:\ProgramData\Temp:8AC20936
AlternateDataStreams: C:\ProgramData\Temp:8B3C3098
AlternateDataStreams: C:\ProgramData\Temp:8B69E3C3
AlternateDataStreams: C:\ProgramData\Temp:8C12CFCD
AlternateDataStreams: C:\ProgramData\Temp:8C81B36D
AlternateDataStreams: C:\ProgramData\Temp:8CCDAB14
AlternateDataStreams: C:\ProgramData\Temp:8DD36B71
AlternateDataStreams: C:\ProgramData\Temp:8F00BFC0
AlternateDataStreams: C:\ProgramData\Temp:908A1B53
AlternateDataStreams: C:\ProgramData\Temp:90C5140C
AlternateDataStreams: C:\ProgramData\Temp:9124663C
AlternateDataStreams: C:\ProgramData\Temp:9256664B
AlternateDataStreams: C:\ProgramData\Temp:928DF32E
AlternateDataStreams: C:\ProgramData\Temp:933D54A9
AlternateDataStreams: C:\ProgramData\Temp:94F67F32
AlternateDataStreams: C:\ProgramData\Temp:95D421DF
AlternateDataStreams: C:\ProgramData\Temp:96646EC1
AlternateDataStreams: C:\ProgramData\Temp:96838F8A
AlternateDataStreams: C:\ProgramData\Temp:968CA408
AlternateDataStreams: C:\ProgramData\Temp:969C0C96
AlternateDataStreams: C:\ProgramData\Temp:96C05DC7
AlternateDataStreams: C:\ProgramData\Temp:971DCCE2
AlternateDataStreams: C:\ProgramData\Temp:97B3B270
AlternateDataStreams: C:\ProgramData\Temp:98AE08EA
AlternateDataStreams: C:\ProgramData\Temp:98CF1A39
AlternateDataStreams: C:\ProgramData\Temp:993185CB
AlternateDataStreams: C:\ProgramData\Temp:99A29126
AlternateDataStreams: C:\ProgramData\Temp:9B3B8E95
AlternateDataStreams: C:\ProgramData\Temp:9B711F92
AlternateDataStreams: C:\ProgramData\Temp:9B721CFF
AlternateDataStreams: C:\ProgramData\Temp:9C206FB0
AlternateDataStreams: C:\ProgramData\Temp:9C337CCE
AlternateDataStreams: C:\ProgramData\Temp:9C5EEE30
AlternateDataStreams: C:\ProgramData\Temp:9D03192E
AlternateDataStreams: C:\ProgramData\Temp:9D2DE4B4
AlternateDataStreams: C:\ProgramData\Temp:9D91E651
AlternateDataStreams: C:\ProgramData\Temp:9E0656EC
AlternateDataStreams: C:\ProgramData\Temp:9E519D0B
AlternateDataStreams: C:\ProgramData\Temp:9EBE2014
AlternateDataStreams: C:\ProgramData\Temp:9F2C8DF4
AlternateDataStreams: C:\ProgramData\Temp:A0A7408F
AlternateDataStreams: C:\ProgramData\Temp:A0C7D68A
AlternateDataStreams: C:\ProgramData\Temp:A17CCD03
AlternateDataStreams: C:\ProgramData\Temp:A1A86E40
AlternateDataStreams: C:\ProgramData\Temp:A2B3764A
AlternateDataStreams: C:\ProgramData\Temp:A3840F5B
AlternateDataStreams: C:\ProgramData\Temp:A43B789A
AlternateDataStreams: C:\ProgramData\Temp:A561576B
AlternateDataStreams: C:\ProgramData\Temp:A6345BDA
AlternateDataStreams: C:\ProgramData\Temp:A6A65B80
AlternateDataStreams: C:\ProgramData\Temp:A6B07419
AlternateDataStreams: C:\ProgramData\Temp:A7856354
AlternateDataStreams: C:\ProgramData\Temp:A7964713
AlternateDataStreams: C:\ProgramData\Temp:A7BB14DF
AlternateDataStreams: C:\ProgramData\Temp:A899E64E
AlternateDataStreams: C:\ProgramData\Temp:A8BF0AE2
AlternateDataStreams: C:\ProgramData\Temp:A9356284
AlternateDataStreams: C:\ProgramData\Temp:A97C6729
AlternateDataStreams: C:\ProgramData\Temp:A97FF73C
AlternateDataStreams: C:\ProgramData\Temp:A9ABA3FF
AlternateDataStreams: C:\ProgramData\Temp:AA004D25
AlternateDataStreams: C:\ProgramData\Temp:AA18FA3A
AlternateDataStreams: C:\ProgramData\Temp:AA559E17
AlternateDataStreams: C:\ProgramData\Temp:AA60673F
AlternateDataStreams: C:\ProgramData\Temp:AB82C54F
AlternateDataStreams: C:\ProgramData\Temp:AC733A73
AlternateDataStreams: C:\ProgramData\Temp:AC95B5ED
AlternateDataStreams: C:\ProgramData\Temp:ACCEFF0E
AlternateDataStreams: C:\ProgramData\Temp:AE289451
AlternateDataStreams: C:\ProgramData\Temp:AE2EA3C2
AlternateDataStreams: C:\ProgramData\Temp:AE9351E0
AlternateDataStreams: C:\ProgramData\Temp:B059B88E
AlternateDataStreams: C:\ProgramData\Temp:B093E177
AlternateDataStreams: C:\ProgramData\Temp:B1997945
AlternateDataStreams: C:\ProgramData\Temp:B1E64E47
AlternateDataStreams: C:\ProgramData\Temp:B2112CA5
AlternateDataStreams: C:\ProgramData\Temp:B21F2857
AlternateDataStreams: C:\ProgramData\Temp:B285A50E
AlternateDataStreams: C:\ProgramData\Temp:B2D32F1D
AlternateDataStreams: C:\ProgramData\Temp:B2EDDE72
AlternateDataStreams: C:\ProgramData\Temp:B3942462
AlternateDataStreams: C:\ProgramData\Temp:B3D50E25
AlternateDataStreams: C:\ProgramData\Temp:B42826C8
AlternateDataStreams: C:\ProgramData\Temp:B4530133
AlternateDataStreams: C:\ProgramData\Temp:B504E4C2
AlternateDataStreams: C:\ProgramData\Temp:B61767F5
AlternateDataStreams: C:\ProgramData\Temp:B6285236
AlternateDataStreams: C:\ProgramData\Temp:B65E763D
AlternateDataStreams: C:\ProgramData\Temp:B722BCE5
AlternateDataStreams: C:\ProgramData\Temp:B72454C6
AlternateDataStreams: C:\ProgramData\Temp:B761039D
AlternateDataStreams: C:\ProgramData\Temp:B86642C5
AlternateDataStreams: C:\ProgramData\Temp:B91EDB04
AlternateDataStreams: C:\ProgramData\Temp:BA24E689
AlternateDataStreams: C:\ProgramData\Temp:BA5EEDA7
AlternateDataStreams: C:\ProgramData\Temp:BB0F4AA4
AlternateDataStreams: C:\ProgramData\Temp:BBF60A29
AlternateDataStreams: C:\ProgramData\Temp:BC064EDB
AlternateDataStreams: C:\ProgramData\Temp:BCDC6E07
AlternateDataStreams: C:\ProgramData\Temp:BD414E4B
AlternateDataStreams: C:\ProgramData\Temp:BD50071F
AlternateDataStreams: C:\ProgramData\Temp:BE0BAFE1
AlternateDataStreams: C:\ProgramData\Temp:BF2225C8
AlternateDataStreams: C:\ProgramData\Temp:BF6C4AAC
AlternateDataStreams: C:\ProgramData\Temp:C118E02A
AlternateDataStreams: C:\ProgramData\Temp:C36F1B98
AlternateDataStreams: C:\ProgramData\Temp:C43C957E
AlternateDataStreams: C:\ProgramData\Temp:C45094A1
AlternateDataStreams: C:\ProgramData\Temp:C458CC0A
AlternateDataStreams: C:\ProgramData\Temp:C54A1A57
AlternateDataStreams: C:\ProgramData\Temp:C695B256
AlternateDataStreams: C:\ProgramData\Temp:C69BA1D0
AlternateDataStreams: C:\ProgramData\Temp:C7B98566
AlternateDataStreams: C:\ProgramData\Temp:C8182692
AlternateDataStreams: C:\ProgramData\Temp:C87C3E2C
AlternateDataStreams: C:\ProgramData\Temp:C946EBB2
AlternateDataStreams: C:\ProgramData\Temp:C98828D3
AlternateDataStreams: C:\ProgramData\Temp:C9B27A06
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:CB3667AF
AlternateDataStreams: C:\ProgramData\Temp:CB959782
AlternateDataStreams: C:\ProgramData\Temp:CC386FD2
AlternateDataStreams: C:\ProgramData\Temp:CC45913B
AlternateDataStreams: C:\ProgramData\Temp:CC7382F6
AlternateDataStreams: C:\ProgramData\Temp:CC7738DB
AlternateDataStreams: C:\ProgramData\Temp:CD5D93E7
AlternateDataStreams: C:\ProgramData\Temp:CDB75348
AlternateDataStreams: C:\ProgramData\Temp:CE707633
AlternateDataStreams: C:\ProgramData\Temp:CE8A42A3
AlternateDataStreams: C:\ProgramData\Temp:CEE4A457
AlternateDataStreams: C:\ProgramData\Temp:CF33321C
AlternateDataStreams: C:\ProgramData\Temp:CFDE7852
AlternateDataStreams: C:\ProgramData\Temp:D01ACC06
AlternateDataStreams: C:\ProgramData\Temp:D0944474
AlternateDataStreams: C:\ProgramData\Temp:D2397415
AlternateDataStreams: C:\ProgramData\Temp:D254266B
AlternateDataStreams: C:\ProgramData\Temp:D3331ADB
AlternateDataStreams: C:\ProgramData\Temp:D46D2E5A
AlternateDataStreams: C:\ProgramData\Temp:D4D38596
AlternateDataStreams: C:\ProgramData\Temp:D51F4BAE
AlternateDataStreams: C:\ProgramData\Temp:D61EB62D
AlternateDataStreams: C:\ProgramData\Temp:D696AA12
AlternateDataStreams: C:\ProgramData\Temp:D7C0213D
AlternateDataStreams: C:\ProgramData\Temp:D7DA89B1
AlternateDataStreams: C:\ProgramData\Temp:D8DB81DC
AlternateDataStreams: C:\ProgramData\Temp:D994162E
AlternateDataStreams: C:\ProgramData\Temp:D9987109
AlternateDataStreams: C:\ProgramData\Temp:D9E6828A
AlternateDataStreams: C:\ProgramData\Temp:DA11DA54
AlternateDataStreams: C:\ProgramData\Temp:DA18D4E3
AlternateDataStreams: C:\ProgramData\Temp:DBB979D4
AlternateDataStreams: C:\ProgramData\Temp:DC9915D2
AlternateDataStreams: C:\ProgramData\Temp:DCA79AB3
AlternateDataStreams: C:\ProgramData\Temp:DCB27118
AlternateDataStreams: C:\ProgramData\Temp:DD95E6D9
AlternateDataStreams: C:\ProgramData\Temp:E00A6A60
AlternateDataStreams: C:\ProgramData\Temp:E06963C0
AlternateDataStreams: C:\ProgramData\Temp:E07EA07E
AlternateDataStreams: C:\ProgramData\Temp:E153075C
AlternateDataStreams: C:\ProgramData\Temp:E1ABC2C7
AlternateDataStreams: C:\ProgramData\Temp:E1CC2D5E
AlternateDataStreams: C:\ProgramData\Temp:E1D818F7
AlternateDataStreams: C:\ProgramData\Temp:E21987F7
AlternateDataStreams: C:\ProgramData\Temp:E2295807
AlternateDataStreams: C:\ProgramData\Temp:E41267F2
AlternateDataStreams: C:\ProgramData\Temp:E412AAF2
AlternateDataStreams: C:\ProgramData\Temp:E47BBD7B
AlternateDataStreams: C:\ProgramData\Temp:E4BC4A41
AlternateDataStreams: C:\ProgramData\Temp:E5816AB5
AlternateDataStreams: C:\ProgramData\Temp:E5BA9ADD
AlternateDataStreams: C:\ProgramData\Temp:E5CD413B
AlternateDataStreams: C:\ProgramData\Temp:E6537A16
AlternateDataStreams: C:\ProgramData\Temp:E8FC771D
AlternateDataStreams: C:\ProgramData\Temp:E96D894A
AlternateDataStreams: C:\ProgramData\Temp:EB5BDBB0
AlternateDataStreams: C:\ProgramData\Temp:EB68CA55
AlternateDataStreams: C:\ProgramData\Temp:EC0279DC
AlternateDataStreams: C:\ProgramData\Temp:EC752217
AlternateDataStreams: C:\ProgramData\Temp:EC7C9796
AlternateDataStreams: C:\ProgramData\Temp:ECC979BD
AlternateDataStreams: C:\ProgramData\Temp:ED796303
AlternateDataStreams: C:\ProgramData\Temp:ED9B661E
AlternateDataStreams: C:\ProgramData\Temp:EE0ABC44
AlternateDataStreams: C:\ProgramData\Temp:EE445D7C
AlternateDataStreams: C:\ProgramData\Temp:EE7A6A39
AlternateDataStreams: C:\ProgramData\Temp:EE7AAC75
AlternateDataStreams: C:\ProgramData\Temp:EEF1584F
AlternateDataStreams: C:\ProgramData\Temp:EF4FB3C5
AlternateDataStreams: C:\ProgramData\Temp:EFECABA9
AlternateDataStreams: C:\ProgramData\Temp:F123F8B9
AlternateDataStreams: C:\ProgramData\Temp:F2327E82
AlternateDataStreams: C:\ProgramData\Temp:F2AF86D9
AlternateDataStreams: C:\ProgramData\Temp:F3029A65
AlternateDataStreams: C:\ProgramData\Temp:F3591DDB
AlternateDataStreams: C:\ProgramData\Temp:F35AE645
AlternateDataStreams: C:\ProgramData\Temp:F3F9AB21
AlternateDataStreams: C:\ProgramData\Temp:F4362715
AlternateDataStreams: C:\ProgramData\Temp:F53B274A
AlternateDataStreams: C:\ProgramData\Temp:F5E30F6A
AlternateDataStreams: C:\ProgramData\Temp:F5FC5DCE
AlternateDataStreams: C:\ProgramData\Temp:F67AAFC5
AlternateDataStreams: C:\ProgramData\Temp:F6910DB1
AlternateDataStreams: C:\ProgramData\Temp:F6C0CA66
AlternateDataStreams: C:\ProgramData\Temp:F6CDA594
AlternateDataStreams: C:\ProgramData\Temp:F6DA3F39
AlternateDataStreams: C:\ProgramData\Temp:F78CC2A2
AlternateDataStreams: C:\ProgramData\Temp:F7B0AE93
AlternateDataStreams: C:\ProgramData\Temp:F81E7082
AlternateDataStreams: C:\ProgramData\Temp:F8E188F6
AlternateDataStreams: C:\ProgramData\Temp:F9283DA1
AlternateDataStreams: C:\ProgramData\Temp:F9E46E4C
AlternateDataStreams: C:\ProgramData\Temp:F9EE38AE
AlternateDataStreams: C:\ProgramData\Temp:FBA79096
AlternateDataStreams: C:\ProgramData\Temp:FBE5FDB9
AlternateDataStreams: C:\ProgramData\Temp:FBF21B24
AlternateDataStreams: C:\ProgramData\Temp:FC414D14
AlternateDataStreams: C:\ProgramData\Temp:FC4B020F
AlternateDataStreams: C:\ProgramData\Temp:FD774C83
AlternateDataStreams: C:\ProgramData\Temp:FE058F1D
AlternateDataStreams: C:\ProgramData\Temp:FEB0595A
AlternateDataStreams: C:\ProgramData\Temp:FEE00EB9
AlternateDataStreams: C:\ProgramData\Temp:FEEEFFAD
AlternateDataStreams: C:\ProgramData\Temp:FF747CFB
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Classes\.exe: => <===== ATTENTION!
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-107307583-39740663-3650351078-500 - Administrator - Disabled)
Gast (S-1-5-21-107307583-39740663-3650351078-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-107307583-39740663-3650351078-1002 - Limited - Enabled)
ola (S-1-5-21-107307583-39740663-3650351078-1001 - Administrator - Enabled) => C:\Users\ola
==================== Faulty Device Manager Devices =============
Name: X5XSEx
Description: X5XSEx
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: X5XSEx
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (05/14/2014 01:15:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3439 seconds with 2820 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-02-15 10:25:26.544
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-15 10:25:26.474
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:54:00.680
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:54:00.500
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:35:49.107
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:35:48.937
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:50.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:50.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:18.996
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:18.965
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 52%
Total physical RAM: 3959.08 MB
Available physical RAM: 1894.99 MB
Total Pagefile: 7916.34 MB
Available Pagefile: 5198.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:918.39 GB) (Free:683.39 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.02 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Iomega_HDD) (Fixed) (Total:465.76 GB) (Free:139.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: C94041C3)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
24.02.2015, 15:24
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Hilfe!!! Internet öffnet selbstständig Fenster. FRST-Fix
__________________Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-107307583-39740663-3650351078-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - No Name - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {9E89BECE-D23F-4782-8397-242E78C042D1}
C:\Users\ola\cudart32_30_14.dll
C:\Users\ola\vedFramework.dll
C:\Users\ola\XMLWrapper.dll
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
C:\ProgramData\Temp
EmptyTemp:
Hosts:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ |
|
24.02.2015, 15:44
| #19 |
| | Hilfe!!! Internet öffnet selbstständig Fenster.Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2015
Ran by ola at 2015-02-24 15:36:40 Run:2
Running from C:\Users\ola\Desktop
Loaded Profiles: ola (Available profiles: ola)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-107307583-39740663-3650351078-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - No Name - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {9E89BECE-D23F-4782-8397-242E78C042D1}
C:\Users\ola\cudart32_30_14.dll
C:\Users\ola\vedFramework.dll
C:\Users\ola\XMLWrapper.dll
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
C:\ProgramData\Temp
EmptyTemp:
Hosts:
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\S-1-5-21-107307583-39740663-3650351078-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{79a2b609-bbc0-4d16-9925-70cb98a6490d} => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{79a2b609-bbc0-4d16-9925-70cb98a6490d} => Value not found.
HKCR\Wow6432Node\CLSID\{79a2b609-bbc0-4d16-9925-70cb98a6490d} => Key not found.
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value not found.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{4FF78044-96B4-4312-A5B7-FDA3CB328095} => Key not found.
HKCR\Wow6432Node\CLSID\{4FF78044-96B4-4312-A5B7-FDA3CB328095} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455} => Key not found.
HKCR\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{9E89BECE-D23F-4782-8397-242E78C042D1} => Key not found.
HKCR\Wow6432Node\CLSID\{9E89BECE-D23F-4782-8397-242E78C042D1} => Key not found.
"C:\Users\ola\cudart32_30_14.dll" => File/Directory not found.
"C:\Users\ola\vedFramework.dll" => File/Directory not found.
"C:\Users\ola\XMLWrapper.dll" => File/Directory not found.
"C:\ProgramData\PKP_DLdu.DAT" => File/Directory not found.
"C:\ProgramData\PKP_DLdw.DAT" => File/Directory not found.
"C:\ProgramData\Temp" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 6.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 15:37:36 ====
|
|
24.02.2015, 15:47
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe!!! Internet öffnet selbstständig Fenster. Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.02.2015, 15:52
| #21 |
| | Hilfe!!! Internet öffnet selbstständig Fenster. FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015
Ran by ola (administrator) on OLA-PC on 24-02-2015 15:48:59
Running from C:\Users\ola\Desktop
Loaded Profiles: ola (Available profiles: ola)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
() C:\Users\ola\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Simply Super Software) C:\Program Files (x86)\Trojan Remover\Trjscan.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Google Inc.) C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Google Update] => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [GameXN GO] => "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [GoogleChromeAutoLaunch_7AF6FE48D09771C69065DE049B362851] => C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Alamandi tray notifier] => c:\program files (x86)\deutschland spielt\alamandi\TaskBarNotifier.exe
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Amazon Music] => C:\Users\ola\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
SearchScopes: HKLM -> {892BD02F-3625-446B-A532-15841A4B06CA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {892BD02F-3625-446B-A532-15841A4B06CA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-107307583-39740663-3650351078-1001 -> {892BD02F-3625-446B-A532-15841A4B06CA} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: GMX Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: GMX Konfiguration -> {17166733-40EA-4432-A85C-AE672FF0E236} -> C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: GMX Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2010-02-05] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.0 -> C:\Program Files (x86)\GameTreat Player\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @exent.com/npExentWidget,version=0.9.0.0 -> C:\Program Files (x86)\GameTreat Player\npExentWidget.dll (Exent Technologies Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-107307583-39740663-3650351078-1001: @tools.google.com/Google Update;version=3 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-107307583-39740663-3650351078-1001: @tools.google.com/Google Update;version=9 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-12]
FF HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google Search) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Kaspersky Protection) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-23]
CHR Extension: (No Name) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmcplcebggimminoiheibhndgamccdgl [2011-08-09]
CHR Extension: (Google Wallet) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
StartMenuInternet: Google Chrome - C:\Users\ola\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-01-24] (Adobe Systems) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-12-08] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [116264 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [159784 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [138792 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [137768 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [153128 2008-05-27] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1071616 2010-02-11] (Vimicro Corporation)
R2 X5XSEx_Pr146; C:\Program Files (x86)\GameTreat Player\X5XSEx.Sys [55328 2010-03-10] (Exent Technologies Ltd.)
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-24 14:25 - 2015-02-24 14:25 - 00064297 _____ () C:\Users\ola\Desktop\FRST_1.txt
2015-02-24 14:24 - 2015-02-24 14:24 - 00001422 _____ () C:\Users\ola\Desktop\AdwCleaner[S0].txt
2015-02-24 14:22 - 2015-02-24 14:22 - 00000623 _____ () C:\Users\ola\Desktop\JRT.txt
2015-02-24 14:14 - 2015-02-24 14:14 - 00001994 _____ () C:\Users\ola\Desktop\anleitung.txt
2015-02-24 14:09 - 2015-02-24 14:14 - 00000000 ____D () C:\AdwCleaner
2015-02-24 14:06 - 2015-02-24 14:06 - 01388274 _____ (Thisisu) C:\Users\ola\Desktop\JRT.exe
2015-02-24 14:05 - 2015-02-24 14:05 - 02126848 _____ () C:\Users\ola\Desktop\AdwCleaner_4.111.exe
2015-02-24 12:45 - 2015-02-24 13:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-24 12:45 - 2015-02-24 13:17 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 12:43 - 2015-02-24 13:17 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-24 12:42 - 2015-02-24 13:41 - 00000000 ____D () C:\Users\ola\Desktop\mbar
2015-02-24 12:42 - 2015-02-24 12:42 - 16502728 _____ (Malwarebytes Corp.) C:\Users\ola\Desktop\mbar-1.09.1.1004.exe
2015-02-24 12:17 - 2015-02-24 15:49 - 00029432 _____ () C:\Users\ola\Desktop\FRST.txt
2015-02-24 12:17 - 2015-02-24 15:12 - 00069255 _____ () C:\Users\ola\Desktop\Addition.txt
2015-02-24 12:17 - 2015-02-24 11:51 - 02087424 _____ (Farbar) C:\Users\ola\Desktop\FRST64.exe
2015-02-24 11:54 - 2015-02-24 11:55 - 00075549 _____ () C:\Users\ola\Downloads\Addition.txt
2015-02-24 11:52 - 2015-02-24 11:52 - 00112554 _____ () C:\Users\ola\Desktop\Hilfe!!! Internet öffnet selbstständig Fenster. - Trojaner-Board.html
2015-02-24 11:52 - 2015-02-24 11:52 - 00000000 ____D () C:\Users\ola\Desktop\Hilfe!!! Internet öffnet selbstständig Fenster. - Trojaner-Board_files
2015-02-24 11:51 - 2015-02-24 15:49 - 00000000 ____D () C:\FRST
2015-02-24 11:51 - 2015-02-24 11:55 - 00063378 _____ () C:\Users\ola\Downloads\FRST.txt
2015-02-24 11:51 - 2015-02-24 11:51 - 02087424 _____ (Farbar) C:\Users\ola\Downloads\FRST64.exe
2015-02-24 11:51 - 2015-02-24 11:51 - 02087424 _____ (Farbar) C:\Users\ola\Downloads\FRST64 (1).exe
2015-02-24 11:50 - 2015-02-24 11:50 - 01127424 _____ (Farbar) C:\Users\ola\Downloads\FRST.exe
2015-02-24 11:16 - 2015-02-24 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ola\Downloads\revosetup95.exe
2015-02-24 11:16 - 2015-02-24 11:16 - 00001222 _____ () C:\Users\ola\Desktop\Revo Uninstaller.lnk
2015-02-24 11:16 - 2015-02-24 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-23 17:36 - 2015-02-23 17:36 - 00000000 ____D () C:\Users\Public\CyberLink
2015-02-23 17:35 - 2015-02-23 17:36 - 00001594 _____ () C:\Windows\VPNUnInstall.MIF
2015-02-23 17:23 - 2015-02-23 17:23 - 00000045 _____ () C:\error.log
2015-02-23 17:05 - 2015-02-23 17:27 - 00000000 ____D () C:\Users\ola\Desktop\MUSIK ALLES
2015-02-23 17:05 - 2015-02-23 17:07 - 00000000 ____D () C:\Users\ola\Desktop\FOTOS ALLES
2015-02-23 13:01 - 2015-02-23 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-02-23 12:47 - 2015-02-23 12:47 - 07778632 _____ () C:\Users\ola\Downloads\Infigo_setup.exe
2015-02-23 11:34 - 2015-02-24 12:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-23 11:32 - 2015-02-23 11:33 - 01388274 _____ (Thisisu) C:\Users\ola\Downloads\JRT42.exe
2015-02-23 11:31 - 2015-02-23 11:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ola\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-22 15:16 - 2015-02-22 15:16 - 00000040 _____ () C:\Users\Public\Documents\_rgpl
2015-02-22 13:40 - 2015-02-22 14:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-22 13:40 - 2015-02-22 13:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-22 13:40 - 2015-02-22 13:40 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-22 13:40 - 2015-02-22 13:40 - 00001337 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-22 13:40 - 2015-02-22 13:40 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-02-22 13:40 - 2015-02-22 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-22 13:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-02-22 13:32 - 2015-02-22 13:32 - 00001175 _____ () C:\Users\ola\Desktop\spybot-2.4.40 - Verknüpfung.lnk
2015-02-22 13:24 - 2015-02-22 13:26 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\ola\Downloads\spybot-2.4.40.exe
2015-02-21 11:18 - 2015-02-21 11:18 - 00000000 ____D () C:\Users\ola\AppData\Roaming\AdobeUM
2015-02-17 16:06 - 2015-02-17 16:07 - 00000000 ____D () C:\Program Files (x86)\Burger Bustle
2015-02-17 16:06 - 2015-02-17 16:06 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burger Bustle
2015-02-17 16:06 - 2015-02-17 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burger Bustle
2015-02-17 15:59 - 2015-02-17 15:59 - 00237568 _____ (Big Fish Games) C:\Users\ola\Downloads\bigfishgames_p230064518_s2_l2.exe
2015-02-15 12:44 - 2015-02-15 12:44 - 00014653 _____ () C:\Users\ola\Downloads\WG Celle (1).xlsx
2015-02-15 12:26 - 2015-02-15 12:26 - 00012427 _____ () C:\Users\ola\Downloads\WG 15A (2).xlsx
2015-02-14 18:55 - 2015-02-14 18:55 - 00012427 _____ () C:\Users\ola\Downloads\WG 15A (1).xlsx
2015-02-14 18:54 - 2015-02-14 18:54 - 00014653 _____ () C:\Users\ola\Downloads\WG Celle.xlsx
2015-02-14 18:53 - 2015-02-14 18:53 - 00012427 _____ () C:\Users\ola\Downloads\WG 15A.xlsx
2015-02-14 14:03 - 2015-02-23 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewelleria
2015-02-14 14:03 - 2015-02-14 14:03 - 00001875 _____ () C:\Users\Public\Desktop\Play Jewelleria.lnk
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Program Files (x86)\Jewelleria
2015-02-14 14:01 - 2015-02-14 14:01 - 00237568 _____ (Big Fish Games) C:\Users\ola\Downloads\bigfishgames_p229860281_s2_l2.exe
2015-02-14 12:46 - 2015-02-14 12:48 - 66714384 _____ (INTENIUM GmbH) C:\Users\ola\Downloads\GreenRanch.exe
2015-02-14 11:09 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 11:09 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 11:09 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 11:09 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 18:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 18:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 18:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 18:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 18:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 18:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 18:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 18:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 18:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 18:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 18:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 18:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 18:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 18:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 18:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 18:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 18:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 18:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 18:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 18:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 18:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 18:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 18:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 18:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 18:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 18:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 18:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 18:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 18:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 18:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 18:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 18:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 18:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 18:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 18:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 18:54 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 18:54 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 18:54 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 18:54 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 18:54 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 18:54 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 18:54 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 18:54 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 18:54 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 18:54 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 18:54 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 18:54 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 18:54 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 18:54 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 18:54 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 18:54 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 18:54 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 18:49 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-12 18:49 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 18:49 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-12 18:49 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 18:49 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 18:49 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 18:45 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 18:45 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 18:45 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 18:45 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 18:45 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 18:45 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 18:45 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 18:45 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 18:45 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 18:45 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 18:45 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 18:45 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 18:45 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 18:45 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 18:45 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 18:45 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 18:45 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 18:45 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 18:44 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 18:44 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 18:44 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-12 18:44 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-12 18:44 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-12 18:44 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-12 18:43 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 18:43 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 18:41 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 18:41 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 18:41 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 18:41 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 18:41 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 18:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 18:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 18:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 18:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 18:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 18:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 18:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 18:40 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 18:40 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 18:38 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 18:05 - 2015-02-12 18:05 - 00000000 ____D () C:\Users\ola\Documents\Simply Super Software
2015-02-12 18:05 - 2015-02-12 18:05 - 00000000 ____D () C:\ProgramData\Licenses
2015-02-12 18:04 - 2015-02-12 18:04 - 00001097 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2015-02-12 18:04 - 2015-02-12 18:04 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-02-12 18:04 - 2015-02-12 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-02-12 18:04 - 2015-02-12 18:04 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-02-12 18:02 - 2015-02-12 18:04 - 31390952 _____ (Simply Super Software ) C:\Users\ola\Downloads\trjsetup691.exe
2015-02-09 15:43 - 2015-02-09 15:43 - 00000000 ____D () C:\Users\ola\AppData\Roaming\MMFApplications
2015-02-09 13:06 - 2015-02-09 13:15 - 361382144 _____ (INTENIUM GmbH) C:\Users\ola\Downloads\Delicious10Sammleredition.exe
2015-02-05 11:37 - 2015-02-05 11:37 - 00000000 ____D () C:\Users\ola\AppData\Local\TuneUp Software
2015-02-05 11:36 - 2015-02-05 11:36 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-05 11:35 - 2015-02-05 11:35 - 00001490 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-02-05 11:35 - 2015-02-05 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-05 11:34 - 2015-02-05 11:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-05 11:34 - 2015-02-05 11:34 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-05 11:32 - 2015-02-05 11:33 - 34792128 _____ (DVDVideoSoft Ltd. ) C:\Users\ola\Downloads\FreeYouTubeToMP354Converter.exe
2015-02-04 16:56 - 2015-02-04 16:56 - 00014927 _____ () C:\Users\ola\Downloads\Steckbrief.odt
2015-01-31 10:44 - 2015-01-31 10:44 - 00000000 __SHD () C:\found.001
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-24 15:50 - 2010-09-08 14:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-24 15:49 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 15:49 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 15:45 - 2010-05-14 19:24 - 01834223 _____ () C:\Windows\WindowsUpdate.log
2015-02-24 15:44 - 2010-11-08 13:17 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-24 15:42 - 2010-10-17 10:13 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Skype
2015-02-24 15:41 - 2010-09-08 14:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 15:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-24 15:40 - 2009-07-14 05:51 - 00225862 _____ () C:\Windows\setupact.log
2015-02-24 15:35 - 2013-02-27 22:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-24 15:30 - 2010-09-09 18:33 - 01146948 _____ () C:\Windows\PFRO.log
2015-02-24 15:27 - 2010-09-08 14:33 - 00000000 ____D () C:\Users\ola
2015-02-24 15:26 - 2010-10-16 19:21 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA.job
2015-02-24 13:26 - 2010-10-16 19:21 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core.job
2015-02-24 10:53 - 2010-12-12 15:30 - 00000000 ____D () C:\GameHouse Games
2015-02-24 02:36 - 2013-08-29 15:17 - 00000000 ____D () C:\Users\ola\Desktop\Gruppenleitung
2015-02-24 00:28 - 2010-11-19 15:55 - 00000000 ____D () C:\Users\ola\AppData\Local\CrashDumps
2015-02-23 19:07 - 2009-10-15 15:15 - 00000000 ____D () C:\Users\ola\Desktop\Jessi´s Daten
2015-02-23 18:50 - 2010-02-06 03:50 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-02-23 18:50 - 2010-02-06 03:50 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-02-23 18:50 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 18:46 - 2013-06-05 00:09 - 00000000 ____D () C:\Users\ola\Desktop\Kreatives und Merke dir es
2015-02-23 18:37 - 2014-09-20 10:58 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Samsung
2015-02-23 18:37 - 2014-09-20 10:58 - 00000000 ____D () C:\Users\ola\AppData\Local\Samsung
2015-02-23 18:37 - 2014-09-20 10:53 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-02-23 18:36 - 2014-09-20 10:53 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-23 18:36 - 2010-02-05 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-23 18:19 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-23 18:12 - 2010-12-12 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse
2015-02-23 18:12 - 2010-12-12 15:25 - 00000000 ____D () C:\Program Files (x86)\RealArcade
2015-02-23 18:06 - 2010-11-27 16:18 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2015-02-23 17:55 - 2011-11-12 18:50 - 00000000 _____ () C:\Users\ola\AppData\Roaming\Database
2015-02-23 17:38 - 2010-02-05 19:06 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2015-02-23 17:26 - 2011-11-12 18:48 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-23 17:26 - 2011-11-12 18:47 - 00000000 _____ () C:\Users\ola\AppData\Roaming\Dance
2015-02-23 17:00 - 2010-11-17 12:14 - 00000000 ____D () C:\Program Files\DivX
2015-02-23 17:00 - 2010-11-17 12:13 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-02-23 17:00 - 2010-11-17 12:12 - 00000000 ____D () C:\ProgramData\DivX
2015-02-23 16:47 - 2015-01-22 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dancing Craze
2015-02-23 16:46 - 2015-01-23 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Keeper 2
2015-02-23 13:00 - 2010-09-08 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-23 12:37 - 2010-09-08 14:51 - 00000000 ____D () C:\Program Files\Google
2015-02-23 12:37 - 2010-09-08 14:51 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 12:34 - 2010-09-08 14:51 - 00000000 ____D () C:\Users\ola\AppData\Local\Google
2015-02-23 12:34 - 2010-09-08 14:51 - 00000000 ____D () C:\ProgramData\Google
2015-02-23 12:20 - 2010-09-18 12:10 - 00209930 _____ () C:\Windows\DPINST.LOG
2015-02-23 12:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2015-02-23 11:39 - 2010-11-12 10:42 - 00000000 ____D () C:\ProgramData\Alawar Stargaze
2015-02-23 11:26 - 2010-02-05 19:32 - 00000000 ____D () C:\ProgramData\Norton
2015-02-22 13:28 - 2011-05-30 09:37 - 00000000 ____D () C:\Users\TEMP
2015-02-21 10:29 - 2010-10-16 19:21 - 00002344 _____ () C:\Users\ola\Desktop\Google Chrome.lnk
2015-02-20 11:07 - 2010-12-16 13:07 - 00000000 ____D () C:\Users\ola\AppData\Roaming\HP Support Assistant
2015-02-20 11:07 - 2010-09-09 18:38 - 00000000 ____D () C:\Users\ola\AppData\Roaming\HpUpdate
2015-02-18 14:09 - 2013-07-10 14:21 - 00000000 ____D () C:\BigFishCache
2015-02-15 17:23 - 2010-12-05 15:21 - 00001885 _____ () C:\Users\ola\Documents\DancingCraze.log
2015-02-15 13:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-15 10:59 - 2014-03-04 18:16 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Juliette's Fashion Empire DE
2015-02-14 12:54 - 2013-11-30 20:41 - 00000000 ____D () C:\Users\ola\AppData\Roaming\Palaplay
2015-02-14 12:53 - 2014-12-10 17:31 - 00001089 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2015-02-14 11:44 - 2014-08-18 08:44 - 00000000 ____D () C:\Users\ola\AppData\Local\com.gamehouse.acid
2015-02-14 10:44 - 2009-07-14 05:45 - 00460736 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 10:42 - 2014-12-11 03:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-14 10:42 - 2014-05-06 09:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 01:39 - 2010-09-16 19:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 01:27 - 2013-08-14 09:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 00:13 - 2010-10-08 20:49 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-12 18:00 - 2013-10-23 16:12 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-12 17:59 - 2013-07-12 10:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-12 17:56 - 2014-11-24 12:08 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-12 17:56 - 2014-11-24 12:08 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-12 17:56 - 2014-11-24 12:08 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-12 17:56 - 2014-11-24 12:08 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-12 17:56 - 2014-11-24 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-09 13:21 - 2010-10-16 19:21 - 00004078 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA
2015-02-09 13:21 - 2010-10-16 19:21 - 00003682 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core
2015-02-05 12:36 - 2013-02-27 22:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 12:36 - 2013-02-27 22:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 12:36 - 2011-05-18 15:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 11:40 - 2012-06-25 12:20 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-05 11:37 - 2012-06-25 12:20 - 00000000 ____D () C:\Users\ola\AppData\Roaming\TuneUp Software
2015-02-05 11:35 - 2011-07-28 17:56 - 00000000 ____D () C:\Users\ola\AppData\Roaming\DVDVideoSoft
2015-02-04 10:45 - 2010-09-08 14:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 10:45 - 2010-09-08 14:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2010-11-16 13:57 - 2010-11-16 13:57 - 0774144 _____ (RealNetworks, Inc.) C:\Program Files (x86)\RngInterstitial.dll
2011-11-12 18:47 - 2015-02-23 17:26 - 0000000 _____ () C:\Users\ola\AppData\Roaming\Dance
2011-11-12 18:50 - 2015-02-23 17:55 - 0000000 _____ () C:\Users\ola\AppData\Roaming\Database
2011-06-05 17:42 - 2011-06-15 12:03 - 0000011 _____ () C:\Users\ola\AppData\Roaming\log.txt
2014-06-16 10:04 - 2014-06-16 10:04 - 0000216 _____ () C:\Users\ola\AppData\Roaming\wklnhst.dat
2011-01-08 02:14 - 2011-01-08 02:18 - 0022016 _____ () C:\Users\ola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-16 14:02 - 2010-12-06 16:45 - 0000198 _____ () C:\Users\ola\AppData\Local\DownloadLog.txt
2012-01-02 10:07 - 2012-01-02 11:07 - 0153043 _____ () C:\Users\ola\AppData\Local\log.txt
2011-05-19 13:03 - 2011-05-19 13:03 - 0006474 _____ () C:\Users\ola\AppData\Local\tmp148996_172999622712932_100000086862591_620133_4604791_S.0
2011-05-19 13:03 - 2011-05-19 13:03 - 0006419 _____ () C:\Users\ola\AppData\Local\tmp148996_172999622712932_100000086862591_620133_4604791_S.JPG
2010-12-03 15:20 - 2014-11-14 05:07 - 0014983 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-23 13:42
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2015
Ran by ola at 2015-02-24 15:50:49
Running from C:\Users\ola\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader 8.3.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Music (HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
ATI Catalyst Install Manager (HKLM\...\{67CA5B4D-32DA-B54C-1851-F68ECD83262E}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Bauern-Spass (HKLM-x32\...\{08C06EC7-FD54-4C4E-9FED-1E8DA7367BE3}) (Version: 1.00.0000 - Intenium GmbH)
Bauern-Spaß (HKLM-x32\...\Bauern-Spaß) (Version: 1.0.0.0 - INTENIUM GmbH)
Beach Party Craze Deluxe (HKLM-x32\...\ab25efd7edca8068e25022a8dcb023bc) (Version: - Zylom)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Burger Bustle (HKLM-x32\...\BFG-Burger Bustle) (Version: - )
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Cake Mania Main Street (HKLM-x32\...\BFG-Cake Mania Main Street) (Version: - )
Cake Mania: Lights, Camera, Action! (HKLM-x32\...\BFG-Cake Mania - Lights, Camera, Action) (Version: - )
ccc-core-static (x32 Version: 2009.1201.2247.40849 - Ihr Firmenname) Hidden
Chicken Invaders 4 – Weihnachtsedition (HKLM-x32\...\Chicken Invaders 4 – Weihnachtsedition) (Version: 1.0.0.0 - INTENIUM GmbH)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Dancing Craze (HKLM-x32\...\BFG-Dancing Craze) (Version: - )
Delicious: Emily und die Traumhochzeit Sammleredition (HKLM-x32\...\Delicious: Emily und die Traumhochzeit Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)
Der Bau der Chinesischen Mauer (HKLM-x32\...\Der Bau der Chinesischen Mauer) (Version: - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.4.38 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\{D2B31FE6-127F-4E79-8186-F080A282FBC7}) (Version: 1.0.0.46 - Intenium GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
DEUTSCHLAND SPIELT Spiele Post (HKLM-x32\...\DEUTSCHLAND SPIELT Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Die FreeRide Games Bar Toolbar (HKLM-x32\...\Die_FreeRide_Games_Bar Toolbar) (Version: 6.5.2.8 - Die FreeRide Games Bar)
Die Legende von Atlantis - Exodus (HKLM-x32\...\{AB49EB53-CEA8-40F1-828B-7DE5D7D158F0}) (Version: 1.00.0000 - Intenium GmbH)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Double Pack SuperMarket Management Deluxe (HKLM-x32\...\7283d44070835c6bc64e323b40b6ec9f) (Version: - Zylom)
Dragon Keeper 2 (HKLM-x32\...\BFG-Dragon Keeper 2) (Version: - )
DragonStone (HKLM-x32\...\BFG-DragonStone) (Version: - )
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Farm Mania Hot Vacation (HKLM-x32\...\Farm Mania Hot Vacation_is1) (Version: - Realore Studios)
Farmscapes (HKLM-x32\...\BFG-Farmscapes) (Version: - )
Farmscapes (HKLM-x32\...\Farmscapes_is1) (Version: - Playrix Entertainment)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Audio CD Burner version 1.4.8 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
GameCatalog42.2013 (x32 Version: 1.00.0000 - Intenium GmbH) Hidden
GameTreat Player (HKLM-x32\...\{AC323D63-F1B1-4FA6-88B1-72E74025036E}) (Version: - )
GMX Internet Explorer Addon (HKLM-x32\...\1&1 Mail & Media GmbH 1und1InternetExplorerAddon) (Version: 1.0.1.0 - 1&1 Mail & Media GmbH)
GMX Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 2.0.1.5 - 1&1 Mail & Media GmbH)
GMX Toolbar für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 1.7.2.0 - 1&1 Mail & Media GmbH)
GMX Toolbar MSVC100 CRT x64 (Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
GMX Toolbar MSVC100 CRT x86 (x32 Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
Google Chrome (HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grave Mania: Zombiefieber (HKLM-x32\...\BFG-Grave Mania - Zombiefieber) (Version: - )
Hardwarediagnosetools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hello Venice (HKLM-x32\...\{6B19A215-DFA2-440D-B972-08CEEB77F078}) (Version: 1.00.0000 - Intenium GmbH)
Hello Venice (HKLM-x32\...\BFG-Hello Venice) (Version: - )
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}) (Version: 5.1.10.7 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.128.0 - ATI Technologies Inc.) Hidden
Insaniquarium Deluxe (HKLM-x32\...\9a14c916588716e1e4a91a4414907685) (Version: - Zylom)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Island Tribe (HKLM-x32\...\Island Tribe_is1) (Version: - Realore Studios)
Island Tribe 2 (HKLM-x32\...\BFG-Island Tribe 2) (Version: - )
Island Tribe 2 (HKLM-x32\...\Island Tribe 2_is1) (Version: - Realore Studios)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jet Set Go (HKLM-x32\...\Jet Set Go) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewelleria (HKLM-x32\...\BFG-Jewelleria) (Version: - )
Juliettes Mode-Imperium (HKLM-x32\...\Juliettes Mode-Imperium) (Version: 1.0.0.0 - INTENIUM GmbH)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Katy + Bob (HKLM-x32\...\Katy + Bob) (Version: - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mein eigener Bauernhof (HKLM-x32\...\Mein eigener Bauernhof_is1) (Version: - Realore Studios)
Mein eigener Bauernhof 2 (HKLM-x32\...\Mein eigener Bauernhof 2_is1) (Version: - Realore Studios)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-107307583-39740663-3650351078-1001\...\MyFreeCodec) (Version: - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Paradise Beach 2 (HKLM-x32\...\{63C716AA-D7E0-4ED4-AC70-84F255F2AD55}) (Version: 1.00.0000 - Intenium GmbH)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
Pet Show Craze Deluxe (HKLM-x32\...\7d89a1ed80d764888be08d8ed2b7ddbb) (Version: - Zylom)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ritter Arthur 4 (HKLM-x32\...\Ritter Arthur 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur III (HKLM-x32\...\Ritter Arthur III) (Version: 1.0.0.0 - INTENIUM GmbH)
Roads Of Rome (HKLM-x32\...\Roads Of Rome_is1) (Version: - Realore Studios)
Roads of Rome 3 (HKLM-x32\...\Roads of Rome 3) (Version: 32.0.0.0 - Shockwave.com)
Royal Envoy (HKLM-x32\...\Royal Envoy_is1) (Version: - Playrix Entertainment)
Royal Envoy 2 (HKLM-x32\...\Royal Envoy 2_is1) (Version: - Playrix Entertainment)
Sally's Quick Clips (HKLM-x32\...\c59fb4f519ae3f5779eefbda2291335c) (Version: - Zylom)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Viking Saga (HKLM-x32\...\b084798fee4191843dbe5cdb90c900ef) (Version: - GameHouse)
Viking Saga (HKLM-x32\...\BFG-Viking Saga) (Version: - )
viking saga (HKLM-x32\...\viking saga_is1) (Version: - Realore Studios)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Salon Deluxe (HKLM-x32\...\3866c7ce7716fadf1b53a2ff8d90be59) (Version: - Zylom)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.20 - WildTangent)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Youda Farmer (HKLM-x32\...\Youda Farmer) (Version: - )
Youda Farmer 3: Jahreszeiten (HKLM-x32\...\Youda Farmer 3: Jahreszeiten) (Version: 1.0.0.0 - INTENIUM GmbH)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-107307583-39740663-3650351078-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ola\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
19-02-2015 10:17:20 Windows Update
23-02-2015 13:00:22 Windows Update
23-02-2015 16:54:54 TuneUp Utilities 2014 wird entfernt
23-02-2015 16:57:13 TuneUp Utilities 2014 (de-DE) wird entfernt
23-02-2015 17:15:48 Entfernt Panorama Maker
23-02-2015 17:23:41 Entfernt MediaImpression
23-02-2015 17:25:48 Removed Nikon Transfer
23-02-2015 17:35:06 Removed Cisco Systems VPN Client 5.0.07.0290
23-02-2015 17:37:17 Konfiguriert PowerStarter
23-02-2015 17:43:03 Removed Die Ratten.
23-02-2015 17:51:57 Removed File Uploader
23-02-2015 17:52:36 Removed File Uploader
23-02-2015 17:53:14 Removed Nikon Message Center
23-02-2015 17:53:32 Removed Picture Control Utility
23-02-2015 17:54:15 Removed ViewNX
23-02-2015 17:55:52 Removed File Uploader
23-02-2015 17:56:30 Removed Picture Control Utility
23-02-2015 18:03:42 Removed The Clockmaker - Die Stunde des Uhrmachers.
23-02-2015 18:34:51 Removed Samsung Kies
24-02-2015 13:07:56 Malwarebytes Anti-Rootkit Restore Point
24-02-2015 13:57:30 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-02-24 15:36 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0ADCF13C-D003-4C8D-94D7-EE901DA4A609} - System32\Tasks\{440C16AE-EFF7-4451-9E33-E04BFA205354} => Chrome.exe
Task: {222EB722-32B4-4C08-A2A1-67E2C6283CC2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {2CF4D595-4B23-416F-88CA-2861FD7D3B76} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {3B847ADD-D18A-42AB-B426-0774014E7014} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {42BF959D-4F51-4743-BF0E-ACD9096DECDA} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {43F46D89-5F6B-4D5D-AB7F-A404A7B51100} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {48C7550E-5201-4279-A0F1-2C60B8B60BB0} - System32\Tasks\{5F0472E8-4636-4748-8486-5A34D579AEB8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {52BAA416-89BB-4321-B717-345162D64B72} - System32\Tasks\{DDDAEAD7-D45D-41AA-8A89-B0F818DE02C4} => pcalua.exe -a "C:\Program Files (x86)\Shockwave.com\Camp Funshine - Carrie the Caregiver 3\Camp Funshine - Carrie the Caregiver 3.exe" -d C:\Users\ola\Desktop
Task: {56DB60FE-FFCB-467B-93F0-6FF5E9A07FF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {584CA625-7C99-4E0E-BE5F-9CDB3F94CE91} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {5FB1A7E7-2BF3-4A45-80B1-B8F6FA877477} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {724F7291-CE40-41A1-A9A0-924316DE2390} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {85DA9ABF-C6C3-448C-B5BE-8A01C40C2840} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {94621FE4-1114-43E4-A95C-B112540CE59C} - System32\Tasks\1und1 Konfiguration => C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe [2011-04-19] (1und1 Mail und Media GmbH)
Task: {9605CCA3-7C86-4ACC-90A5-3EBFA29BDB3B} - System32\Tasks\{AF6F217A-6557-4705-A11D-D8705CE52A49} => pcalua.exe -a "C:\Users\ola\Downloads\DancingCraze (1).exe" -d C:\Users\ola\Downloads
Task: {AA7B0780-C9B8-4CAD-95CC-371756F5B285} - System32\Tasks\{CAF7B480-2A56-4CF5-BEA1-D717E2B4F1AF} => pcalua.exe -a "C:\Users\ola\Downloads\InstallCakeMania2 (1).exe" -d C:\Users\ola\Downloads
Task: {AD1C7FB3-7C40-4FBA-ABB5-76BF963ECE99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {B50C9F2D-9499-4AB6-A724-C8AC8FA222D3} - System32\Tasks\{996E5C7A-CCAE-4656-8D5D-89BE152FD3E4} => pcalua.exe -a C:\Users\ola\Desktop\DiamondDrop2.exe -d C:\Users\ola\Desktop
Task: {B609AA2B-B181-43D3-84EC-B660DC3C01EC} - System32\Tasks\{208FEADB-A1A9-4840-8445-2DE9903BAFDA} => pcalua.exe -a "C:\Users\ola\Downloads\RitterArthur4 (1).exe" -d C:\Users\ola\Downloads
Task: {B9BFC3EB-5A7E-43D6-83AF-E11CDD19DDA2} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2011-06-08] (1&1 Mail & Media GmbH)
Task: {C1EA5B84-2B14-43D4-A295-95C026651C8F} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {C6409590-4B9B-4502-8AF5-0B8C7D0C9E64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {C675942D-5330-49A1-9E19-48953EF659E6} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {D08BC7DE-3204-457E-9541-091F2EEE1449} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E056F0DF-D200-4A05-AD81-BBA7BAC162FB} - System32\Tasks\{2FA90A2F-3E1B-4BDC-980B-0704EA92DA79} => pcalua.exe -a "C:\Users\ola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLAXA7BL\DiamondDrop2[1].exe" -d C:\Users\ola\Desktop
Task: {F7874B80-5184-4793-9FE4-3165B5525F41} - System32\Tasks\{0CF927CB-81C6-4D35-B425-FA96E1EA5DF3} => pcalua.exe -a "C:\Users\ola\Downloads\DieSpurensucher (1).exe" -d C:\Users\ola\Downloads
Task: {F78C369F-738B-4EDA-841C-520FA6C0878B} - System32\Tasks\{9B58D4A6-80C8-4626-96C0-D2D146DBFF74} => pcalua.exe -a "J:\maren\Office 2007 - Deutsch + seriell\setup.exe" -d "J:\maren\Office 2007 - Deutsch + seriell"
Task: {F8496263-A388-4A62-8EA8-52DA054C5770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001Core.job => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-107307583-39740663-3650351078-1001UA.job => C:\Users\ola\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
==================== Loaded Modules (whitelisted) ==============
2009-09-14 16:17 - 2009-09-14 16:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-09-12 18:39 - 2014-09-06 01:54 - 06281536 _____ () C:\Users\ola\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-06-26 11:25 - 2009-06-26 11:25 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-02-05 19:04 - 2010-02-05 19:04 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2010-05-04 15:36 - 2010-05-04 15:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2009-10-22 18:50 - 2009-10-22 18:50 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-02-22 13:40 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-22 13:40 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-22 13:40 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2010-02-05 19:03 - 2009-10-02 12:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-02-21 10:29 - 2015-02-17 23:44 - 01117512 _____ () C:\Users\ola\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-21 10:29 - 2015-02-17 23:44 - 00211272 _____ () C:\Users\ola\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-21 10:29 - 2015-02-17 23:44 - 09171272 _____ () C:\Users\ola\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\ola:zylomtest
AlternateDataStreams: C:\Users\ola:zylomtr{0000278T-TT9K-T8DU-07LG-28DG94S2MVRH}
AlternateDataStreams: C:\Users\ola:zylomtr{0000278T-TT9K-T8DU-07LG-28DG94S2MVTH}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-70L9-2A8RJ1B4CV71}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-70L9-2A8RJ1B4CVL4}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-9MH3-29NVUQ9IEVPR}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-GEOR-27TDF94KAVIC}
AlternateDataStreams: C:\Users\ola:zylomtr{00013KEU-UKQE-K6V0-QFBF-26K1JL6KQVVO}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-1VH8-28I0EFCC2VOB}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-1VH8-28I0EFCC2VVP}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-3BG4-281NL05DCVTO}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-6E2T-2B6FMQRBGVRR}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-6E2T-2B6FMQRBGVTH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU4}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG1-J24H-293SB52ICVVS}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-CB1H-264U84BSAVVN}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVIR}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVPQ}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVQQ}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVUC}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG2-V08M-26E8LC4K2VVR}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-1EMN-28M5NPU00VQH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-1EMN-295K77I0IVVI}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-40QI-27REBT9KOVVK}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-7U7M-26FBSL48IVVJ}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-8AT4-258NF6K78VST}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-L1G2-28QRSPMS6VVH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-L4Q0-290ETKLEB000}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-O5NG-26MTF54NEVSV}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-S3H7-2A5PQROOQVT8}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG3-S3H7-2A5PQROOQVVP}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-3S8E-27J3AJ6UT000}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-5TO3-2831TOKLCVUL}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-74E3-28689HMLOVUP}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG4-US8E-26I93FV2MVV4}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG5-8A6T-26VOTC6OMVND}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVKL}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVLH}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVML}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVOE}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-64CA-2ASVQDAHMVP0}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG6-64CA-2ASVQDAHMVS3}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-5P29-2A14KFREQVPV}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-9H53-25QU2TIGSVVL}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-27Q18NRLP000}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVTT}
AlternateDataStreams: C:\Users\ola:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVVI}
AlternateDataStreams: C:\Users\ola:zylomtr{1000278T-TT9K-T8DU-1KFV-23O5NTEJMVRJ}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Software\Classes\.exe: => <===== ATTENTION!
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-107307583-39740663-3650351078-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-107307583-39740663-3650351078-500 - Administrator - Disabled)
Gast (S-1-5-21-107307583-39740663-3650351078-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-107307583-39740663-3650351078-1002 - Limited - Enabled)
ola (S-1-5-21-107307583-39740663-3650351078-1001 - Administrator - Enabled) => C:\Users\ola
==================== Faulty Device Manager Devices =============
Name: X5XSEx
Description: X5XSEx
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: X5XSEx
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (02/24/2015 03:42:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/24/2015 03:42:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (02/24/2015 03:42:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "X5XSEx" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (02/24/2015 03:41:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/24/2015 03:41:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (02/24/2015 03:30:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "X5XSEx" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Microsoft Office Sessions:
=========================
Error: (05/14/2014 01:15:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3439 seconds with 2820 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-02-15 10:25:26.544
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-02-15 10:25:26.474
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:54:00.680
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:54:00.500
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:35:49.107
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 10:35:48.937
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:50.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:50.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:18.996
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-23 17:12:18.965
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 50%
Total physical RAM: 3959.08 MB
Available physical RAM: 1960.87 MB
Total Pagefile: 7916.34 MB
Available Pagefile: 5387.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:918.39 GB) (Free:684.2 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.02 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Iomega_HDD) (Fixed) (Total:465.76 GB) (Free:139.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: C94041C3)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
24.02.2015, 16:10
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe!!! Internet öffnet selbstständig Fenster. Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.02.2015, 22:08
| #23 |
| | Hilfe!!! Internet öffnet selbstständig Fenster. Hier schon mal das erste....und das sieht schon super aus. Ich flippe aus. Danke dir. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 24.02.2015 Suchlauf-Zeit: 16:17:30 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.02.24.04 Rootkit Datenbank: v2015.02.22.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ola Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 383216 Verstrichene Zeit: 11 Min, 56 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) HALLELUJA Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5bd68340bdfb4e4f9f074a4f2459d9be
# engine=22626
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-24 04:23:58
# local_time=2015-02-24 05:23:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1296 16777213 100 100 9771 28867720 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 8962 176424888 0 0
# scanned=121696
# found=4
# cleaned=0
# scan_time=2836
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Die_FreeRide_Games_Bar\Die_FreeRide_Games_BarToolbarHelper.exe"
sh=0497DEF079C91A14CC54EBDC7E9025BB245B78C0 ft=1 fh=3602d6868b043d08 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Die_FreeRide_Games_Bar\ldrtbDie_.dll"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Die_FreeRide_Games_Bar\prxtbDie_.dll"
sh=B5A8BD03570AD4B64DA1F3B99889A84DC2E8BF18 ft=1 fh=62cf372c5a341a16 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Die_FreeRide_Games_Bar\tbDie_.dll"
|
|
25.02.2015, 00:17
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe!!! Internet öffnet selbstständig Fenster. FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Program Files (x86)\Die_FreeRide_Games_Bar
EmptyTemp:
Hosts:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.02.2015, 09:42
| #25 |
| | Hilfe!!! Internet öffnet selbstständig Fenster.Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2015
Ran by ola at 2015-02-25 09:32:47 Run:3
Running from C:\Users\ola\Desktop
Loaded Profiles: ola (Available profiles: ola)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Program Files (x86)\Die_FreeRide_Games_Bar
EmptyTemp:
Hosts:
*****************
C:\Program Files (x86)\Die_FreeRide_Games_Bar => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 17.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog 09:33:58 ====
|
|
25.02.2015, 09:44
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe!!! Internet öffnet selbstständig Fenster. Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.02.2015, 09:49
| #27 |
| | Hilfe!!! Internet öffnet selbstständig Fenster. Hey Cosinus, soweit ich das beurteilen kann, läuft hier wieder alles rund. VIELEN VIELEN DANK....auch wenn ich keine Ahnung habe, was wir (bzw. du) hier gemacht haben ;-) "Ghostery" schaue ich mir gleich mal an, da ich nicht glaube, dass sich die WG an alles hält. Du bist super - wirklich - vielen Dank!!!! LG, Ola PS: Kann ich hier irgendwo eine Bewertung abgeben? |
|
25.02.2015, 10:19
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe!!! Internet öffnet selbstständig Fenster. Dann wären wir durch! Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. Es empfiehlt sich Malwarebytes Anti-Malware zu behalten und damit wöchentlich nach Malware zu scannen. Helfen kann dir dabei delfix: Die Reihenfolge ist hier entscheidend.
Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Hilfe!!! Internet öffnet selbstständig Fenster. |
| ads, arbeit, fenster, gen, helft, hilfe!, interne, internet, internetseite, kaspersky, langsam, neue, problem, rechner, remover, security, seite, seiten, spybot, tipps, trojaner, win, win7, öffnen, öffnet |
Linear-Darstellung
